You need to use the paid features of CloudFlare for HTTPS sites…
Thanks for taking the time to respond, but actually I don’t: http://blog.cloudflare.com/introducing-universal-ssl/
Did not know they had rolled that out…but:
1. You are only encrypting content from CloudFlare to the end users with this, not from your site to CloudFlare. In the article, it notes this and suggests you use an SSL cert. on the site itself.
2. If you do not, you will need to find out what content is not being cached at CloudFlare. Usually this is external content, such as a Google Font, a YouTube Video, a third party API, Social Media items, etc. Just review all content for http://site.com/ and find where to change that to https://site.com/ (in a theme file, in site content, from a poorly done plugin). You can view each page’s source code and use the browser search function to look for them. If you have hardcoded external URL‘s @ http://site.com/ into content, you can perform a search and replace on the DB using phpMyAdmin (always backup fully your DB prior to any manual work on it).
It is always OK to be at HTTP and include an external URL at HTTPS, but never the other way around.
Unfortunately it turns out WP was getting stuck in an infinite redirect loop. This article’s advice appears to do the trick: https://atechnologyjobisnoexcuse.com/2014/10/redirect-loops-with-ssl-wordpress-and-cloudflare/
