Yeah, you do have a valid certificate now (though it does not cover the www host and that could be an issue) and I can also confirm that there’s a 403 when going via the proxies.
This 403 comes from your server and your server will be blocking the requests from Cloudflare. You’ll need to go through your server logs and check why it blocks it and adjust your server configuration.
Also make sure your encryption mode is Full Strict.