After Cloudflare CDN is setup in front of Nginx server. Clients don’t have direct access to Nginx anymore. The content is fetched by the intermedia proxy provided by Cloudflare. The cause of the problem is this very proxy doesn’t follow redirection set on Nginx. Or you can deem it’s hardcoded.
Unlike a web browser who follows the 302/301 redirection. The behavior of the proxy, access the Nginx on our VPS by HTTP or HTTPS, is configured in Cloudflare Dashboard -> «SSL/TLS».
The solution is to configure the encryption level higher than «Full».