It’s doesn’t fail because TCP mode doesn’t support this, it fails because you did not tell haproxy that the health check has to be encrypted. It sends plaintext HTTP to your port 443 as health check.
Specify the check-ssl directive on each server to make haproxy use a SSL layer, therefor making a HTTPS request for the health check.