I don’t see any redirect in mydomain.tld-le-ssl.conf - so if someone hits https://www.mydomain.tld they won’t get redirected to https://mydomain.tld - you need to add a redirect there if you want that to happen, for example using mod_rewrite:
RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [L,R=301]
The reason http://www.mydomain.tld isn’t redirecting as expected may be because your HSTS rule is kicking in first, so the browser directly requests https://www.mydomain.tld instead and you then run into the same problem as above. (I’d suggest getting all the redirects working correctly before enabling HSTS, it’ll only complicate things otherwise).
As to why http://mydomain.tld doesn’t redirect the first time, I dunno. Sounds like a cache problem.