Hello Matthias,
Thank you for that. You have gone on to the next step of validation yourself so that's great. So we see the provider server is able to and willing to talk as long as you provide the certificate path explicitly.
That does indeed bring us back to SAP as you have said.
So if I recap as I'm slightly losing track.
1. You sent your client cert to the provider.
2. Your provider imported your client cert into their trusted store.
3. Both you and the provider have the full CA chain for each others certificates.
4. Your basis people evaluated/implemented the ssl/client_ciphersuite change that was suggested to you.
Have I missed/misunderstood something ?
Amerjit