I’m even less of a SSL/security expert than I am a Docker expert, but I think the “root” issue is that, yes openssl works, but mono uses BoringSSL.
Can you try csharp -e 'new System.Net.WebClient ().DownloadString ("https://api.backblazeb2.com")' in your test? Seems like that’s the way of testing how Duplicati interfaces with backblaze.