
Re: SAML SSO is not working for SAP system with ADFS

Hello,

 

the clue is in your dev_icm:

[Thr 6640] secude_error 536872221 (0x2000051d) = "Server's certificate (chain) is untrusted (or incomplete)"

(...)

[Thr 2360]    session uses PSE file "D:\usr\sap\SM1\DVEBMGS00\sec\SAPSSLS.pse"

(...)

[Thr 2360] secude_error 536875074 (0x20001042) = "received a fatal SSLv3 bad certificate alert message from the peer"

 

SAPSSLS.pse indicates that the certificates in "SSL client SSL Client (Standard)" are not correct or not complete.

The ADFS certificates will have been automatically added by the SAML2 transaction/configuration under "SSF SAML2 Service Provider ...".

It's not sufficient to add the ADFS certificate to "SSL client SSL Client (Standard)": the intermediate and root certificates which are used to sign the ADFS certificate need to be added here!

Those root and intermediate certificates can be extracted from the ADFS certificate.


Refer to http://service.sap.com/sap/support/notes/1094342 for how to extract the root and intermediate.


Regards

Thomas.
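
The chain requirement described in the reply above, as an added example that is not part of the original post: it builds a constructed throwaway PKI (root, intermediate, leaf) and shows that the leaf only validates when both the root and the intermediate are in the trust list. It assumes the openssl command-line tool rather than the SAP tooling from the note, all file names and subjects are hypothetical, and the SAP crypto library may differ in detail.

```shell
#!/bin/sh
# Added example. Constructed throwaway PKI: root -> intermediate -> leaf.
# The leaf stands in for the ADFS certificate; all names and files are hypothetical.
set -eu

make_demo_chain() {  # $1 = existing working directory
  d=$1
  printf '[req]\ndistinguished_name=dn\nprompt=no\n[dn]\nCN=placeholder\n' > "$d/req.cnf"
  printf 'basicConstraints=critical,CA:TRUE\nkeyUsage=critical,keyCertSign,cRLSign\n' > "$d/ca.ext"
  printf 'basicConstraints=CA:FALSE\n' > "$d/leaf.ext"
  for n in root intermediate leaf; do
    openssl req -new -newkey rsa:2048 -nodes -config "$d/req.cnf" -subj "/CN=Demo $n" \
      -keyout "$d/$n.key" -out "$d/$n.csr" 2>/dev/null
  done
  # Self-signed root, intermediate signed by the root, leaf signed by the intermediate.
  openssl x509 -req -in "$d/root.csr" -signkey "$d/root.key" -extfile "$d/ca.ext" \
    -days 2 -out "$d/root.pem" 2>/dev/null
  openssl x509 -req -in "$d/intermediate.csr" -CA "$d/root.pem" -CAkey "$d/root.key" \
    -set_serial 2 -extfile "$d/ca.ext" -days 2 -out "$d/intermediate.pem" 2>/dev/null
  openssl x509 -req -in "$d/leaf.csr" -CA "$d/intermediate.pem" -CAkey "$d/intermediate.key" \
    -set_serial 3 -extfile "$d/leaf.ext" -days 2 -out "$d/leaf.pem" 2>/dev/null
}

# chain_status LEAF TRUSTED...: prints "complete" when LEAF chains up to a
# self-signed root using only the TRUSTED certificates, else "incomplete".
chain_status() {
  leaf=$1; shift
  bundle=$(mktemp)
  cat "$@" > "$bundle"
  if openssl verify -CAfile "$bundle" "$leaf" >/dev/null 2>&1; then
    status=complete
  else
    status=incomplete
  fi
  rm -f "$bundle"
  echo "$status"
}

DEMO_DIR=$(mktemp -d)
make_demo_chain "$DEMO_DIR"
echo "leaf only:           $(chain_status "$DEMO_DIR/leaf.pem" "$DEMO_DIR/leaf.pem")"
echo "root only:           $(chain_status "$DEMO_DIR/leaf.pem" "$DEMO_DIR/root.pem")"
echo "root + intermediate: $(chain_status "$DEMO_DIR/leaf.pem" "$DEMO_DIR/root.pem" "$DEMO_DIR/intermediate.pem")"
```

To run the same check against real certificates, export the ADFS certificate and its issuers as PEM files and call `chain_status` with them in place of the demo files.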

