That’s much better, but please use Full (Strict). Cloudflare uses Let’s Encrypt at the edge as well as their own Cloudflare/DigiCert certs. Your browser’s Dev Tools (F12 in Chrome) will show you in the Network tab if a request is using Cloudflare (Click on a file after your site loads and look at the Response Headers).
Ok it’s done, I just switched to Strict mode. But I had already done this test and I think it didn’t change anything, I still have Let’s encrypt at the certificate level.
I also enabled “Authenticated extractions from the origin server” which should normally display an error on the site if I haven’t set up the server side certificate. Even though I didn’t install the certificate, the error doesn’t appear.
Really strange, maybe I should wait another 24 hours and see if there is a change?