Since you say “we have proper hosting” that is not infinityfree (currently Linode)
the first question is why you are not using Cloudflare certificates ?
because your domain goes through Cloudflare NS
you can have a flex cert on CF…
for full mode, you should also have a cert on origin (which is self-signed)
for full strict you need to have a valid certificate on origin
if you completely decide for this hosting
then you need to route the domain through CF DNS
to lead to the IP assigned to you by this hosting
and then, depending on the CF settings, choose the certificate you want to have and which will be installed on this hosting
e.g.
btw. HTTPS version
but the above has nothing to do with us because you are technically not our user at the moment
