why is perlmonks forcing a secure connection?
Technically, Pair started redirecting to https as the default action (see https://www.pair.com/support/kb/faq-default-https-settings-ssl-certificate/#1, and more discussion in the End of HTTP? thread), so Pair is "forcing" Perlmonks to use a secure connection (though, as haukex pointed out, there is a configuration that Pair has given to their hosted sites to go back to http as the default for sites that so choose).
Personally, I think that if Pair is encouraging the changeover to solely-https, then Pair should have worked to resolve known issues (having the one server of three on Perlmonks that has the pair.com certificate has been seen by us Monks ever since Perlmonks started using the Let's Encrypt certificates, and I cannot believe no one informed Pair of this problem). Since Pair didn't resolve it before changing the default to https, Pair needs to work quickly to resolve the problem. (And while hippo's suggested temporary fix to DNS config would work, I think the onus should be on Pair to configure all three servers to properly use the LE certificate for perlmonks)
On my phone browser, which doesn't allow saving the security exception, I have had to switch to the perlmonks.pair.com URL, because otherwise, I have to do three clicks (the link, "show-advanced-options" button, and the "ignore-it-this-time" link) every time the round-robin picks the bad server.... and it sure feels like it was more than 1/3 of the time (though it is probably observation bias). When I get home today, I am going to switch over to hippo's host-file workaround, because even though my browser has the exception stored, my antivirus/antimalware has started flagging in the browser, and I have to do another click for every time the bad server is selected. Fortunately, and with a touch of irony given my work's added security and IT overhead and restrictions, at work my only browsing location that's still allowing me to simply store the exception and accept the *.pair.com for perlmonks.org and browse hassle-free. :-) But I'm watching these threads for news that the problem has been fixed, and the one-of-three is no longer serving the *.pair.com certificate when using the perlmonks.org/.com domain, so I can undo the workarounds and go back to safe browsing.