CNAME redirecting www to non-www redirects to http instead of https

Welcome to the Cloudflare Community. :logodrop:

A CNAME is not a redirect. You can think of it like a nickname, not unlike someone named Robert who also answers to Bob. In order for the CNAME to work, Robert needs to know that he is expected to answer to Bob. Your Robert knows that he is also Bob, so you are good there.

This means that the current redirect from to is being performed by a redirect at your origin server. You can skip over that by deploying a redirect at Cloudflare that goes directly to the HTTPS version.