This configuration does not make sense to me, let’s clarify what your goals are first.
You do not appear to have any domains where you need to pass through SSL transparently, without SSL termination.
All the SSL termination should happen on haproxy, correct? There are no (real) backends that expect traffic on port 443?
Why all those duplicates backends?
Unless your requirements are way more complicated, just configure both certificates on the bind line:
frontend fe1
bind *:80
bind *:443 ssl crt /etc/haproxy/ssl/2.pem crt /etc/haproxy/ssl/1.pem force-tlsv12 force-tlsv12
default_backend be1
backend be1
balance roundrobin
server 1 192.168.20.101:80 check
server 2 192.168.20.102:80 check