When your origin is an Amazon S3 bucket, your options for using HTTPS for communications with CloudFront depend on how you're using the bucket. If your Amazon S3 bucket is configured as a website endpoint, you can't configure CloudFront to use HTTPS to communicate with your origin because Amazon S3 doesn't support HTTPS connections in that configuration.
If you want to require HTTPS for communication between CloudFront and Amazon S3, you must change the value of Viewer Protocol Policy to Redirect HTTP to HTTPS or HTTPS Only.
Can you confirm if the above 2 requirements have been checked ?
Check the below articles and you ll be able to better configure and understand the same.  https://aws.amazon.com/premiumsupport/knowledge-center/cloudfront-https-requests-s3/
Lightsail Distrbution, custom SSL certificate and custom domainasked 7 months ago
EB url renders ssl certificate unsafeasked a year ago
HTTPS access error – browsers don’t see the certificate used for configuring SSL in Elastic Load BalancerAccepted Answerasked 5 months ago
SSL/TLS Certificate Renewalasked 16 days ago
Lightsail enable SSL certificate AttachCertificateToDistribution errorasked a month ago
SSL Name Mismatch with API Gateway Custom Domainasked 8 days ago
I can't validate the Lightsail cdn SSL certificate and I don't know why?Accepted Answerasked 2 months ago
SSL certificate with S3 bucketasked 6 days ago
Using own domain for cognito. Rejected bc no A record. But I have one.asked 3 years ago
I cannot get my SSL Certificate to show installed.asked 2 months ago