With HTTPS redirects, you have the ability to add TLS (formerly SSL) encryption to your URL forwards. Given that more of the web is moving toward using https as a requirement, not using https in any redirects can cause friction such as browser warnings or search engine penalties.
When you enable HTTPS in your URL forwarding settings, the system generates a wildcard Lets Encrypt certificate at your domain apex, so that you can forward multiple hostnames, including your root domain using TLS encrypted redirects.
Any requests that come in on an unencrypted transport like http:// will be redirected as normal.
