SSL Handshake Errors When Proxying Repo Requests

I’m currently trying to set up haproxy to redirect requests to our local nexus repository. I configured haproxy for SSL termination and started everything up. If I navigate to the repo using a browser, it throws a warning about our self signed certificate, but it goes to the right place. When I try to make maven requests against the same repo however it fails with the error:
PKIX path building failed:
unable to find valid certification path to requested target

If I look at the logs for haproxy I can see a bunch of

http-in/2: SSL handshake failure

errors. I’m not quite sure what I’m missing here. Can anyone help?

Here are the relevant sections of my haproxy config:

        log     global
        mode    http
        option  httplog
        option  dontlognull
        timeout connect 5000
        timeout client  50000
        timeout server  50000
        errorfile 400 /etc/haproxy/errors/400.http
        errorfile 403 /etc/haproxy/errors/403.http
        errorfile 408 /etc/haproxy/errors/408.http
        errorfile 500 /etc/haproxy/errors/500.http
        errorfile 502 /etc/haproxy/errors/502.http
        errorfile 503 /etc/haproxy/errors/503.http
        errorfile 504 /etc/haproxy/errors/504.http

frontend http-in
    mode http
    #process all requests made on port 80
    bind *:80
    bind *:443 ssl crt /etc/apache2/ssl/ no-sslv3

    option forwardfor
    option http-server-close
    option http-pretend-keepalive
    #reqadd X-Forwarded-Proto:\ http
    default_backend backend_www_nexus

backend backend_www_nexus
            timeout server 86400000
            timeout connect 5000
            server web01
            http-request set-header X-Forwarded-Port %[dst_port]
            http-request add-header X-Forwarded-Proto https if { ssl_fc }

You don’t have a valid certificate and your client doesn’t like it.