We get asked this a lot and the answer is simple. The web server does not DROP https connections if made so it's forced to load a site that has a SSL/TLS certificate even if not your website. The fix for this is really simple, you just need to enable SSL/TLS via Let's Encrypt (see https://www.nodehost.ca/community/d/5-securing-your-site-with-let-s-encrypt) or create a self signed SSL.
Once done when your site is loaded via HTTPS it will return your website files and SSL/TLS certificate.
This also happens if you are using a domain alias and you don't add a specific alilas for www.
Example: mydomain.com & www.mydomain.com
thegeek411 Yes, If the domain attempted to be viewed is no in the domains list it will need to respond by the last site config file it loaded that was complete. This is all responses that the server MUST respond to or things like LE signing would fail.