HTTPS redirect behaving differently after CF certificate auto renewal


Our app has had HTTPS rewrite for very long time done using page rules or server level redirect.
After our CF certificate was automatically renewed on 23.11, some our our partners can no longer get data from us. Problem is that they are redirected to HTTPS now using HTTP code 308 instead of 301 as before which is not understood by their code.
This could mean that setting: “Always Use HTTPS” is not, which is not true.

As we can always ask people to fix their code, this is strange behavior and has come without warning.

Can we somehow fix this issue by regenerating CF certificate the correct way or do something else?