Insecure login form (incorrect URL in form action)

On my multisite, even though I think I've done everything I can to force HTTPS everywhere, my login form from a sub-site has a URL with HTTP in the form action.

To see what I mean, compare:
https://folkpress.m9n.uk/wp-login.php
with
https://nwup.folkpress.m9n.uk/wp-login.php

This results in users of sub-sites not being able to log in, unless they use the main site's login page.

I'm using the Domain Mapping plugin, v4.4.2.5. I've also opened up support access on the multisite, in case that helps to diagnose.

Any ideas what might be causing this?