Layer6 invalid response, info: "SSL handshake failure"

Somehow all the other posts don’t specifically solve my issue so…
Hi all,

I have two backend servers that are running on Port 443 SSL via IIS using the CCS (Centralized Certification Server) module.

Access to those two backend servers works fine:

However the health check on HaProxy fails with a Layer 6 issue.
[WARNING] (5477) : Server cso-cs-frontends/otcs01 is DOWN, reason: Layer6 invalid response, info: "SSL handshake failure", check duration: 1ms. 1 active and 0 backup servers left.

I already tried to use a verifyhost however it did not solve the issue. Ideas? The certificate is a wildcard one from sectigo since dev machines.

backend config:

backend cso-cs-frontends
    balance roundrobin
    mode http
    cookie SERVERID insert indirect nocache
    server otcs01 ssl verifyhost verify required ca-file /data/cso-fs-ssl/sectigo-cert-chain.crt cookie msecmcsf01 check
    server otcs02 ssl verifyhost verify required ca-file /data/cso-fs-ssl/sectigo-cert-chain.crt cookie msecmcsf02 check


Did a few additional troubleshooting steps but it doesn’t make any sense:

openssl s_client -connect says:

SSL handshake has read 5236 bytes and written 407 bytes
Verification: OK

Which is what I expect since a connect from a clients browser works fine
Anyone else has any idea what could be wrong here?