In TCP mode, HAproxy doesn't actually even terminate SSL, it just passes the packets on to the backend.

/etc/haproxy/haproxy.conf
global
	chroot /var/lib/haproxy
	stats socket /run/haproxy/admin.sock mode 660 level admin
	stats timeout 30s
	user haproxy
	group haproxy
	daemon

	# Default SSL material locations
	ca-base /etc/ssl/certs
	crt-base /etc/ssl/private

defaults
	mode	http
	option	dontlognull

frontend frontend1
	bind *:8081
	mode tcp
	use_backend backends1

backend backends1
	mode tcp
	balance roundrobin
	server server1 192.168.1.100:8080 weight 1 maxconn 100 check inter 2000
	server server2 192.168.1.101:8080 weight 1 maxconn 100 check inter 2000

HaProxy will listen on port 8081 and redirect the traffic between server1 and server2 using roundrobin algorithm.