Yes. Here's why:
When someone makes a request via HTTP for the resource, it's directed to the server. That very first request is over HTTP until the server rewrites it into HTTPS. The conf_global will keep it in HTTPS, but that initial load may be over HTTP until upgraded.
HSTS tells the BROWSER don't allow this. For a period of time (say 6 months), the browser will automatically upgrade any HTTP connections to HTTPS for the domain.
Basically it's enabling the encryption BEFORE it actually reaches the server (meaning CF in this case). If you're doing this, you never need CF to handle forcing SSL. It happens via HSTS and stays that way via conf_global.php in your file paths.
https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security