SSL client certificate secured repo - sometimes tlsv13 alert certificate required

I did an additional test and gave nginx a chance with a very minimal temporary configuration… and it worked without any issues. This threw me back to the beginnings of my repository server, as there was only one repo in existence.
It turns out the error begins with directory-specific SSLVerifyClient require statements in the apache2 config. I changed my apache2 setup as follows:

```apache
<VirtualHost *:443>
    ...
    SSLCACertificateFile "/etc/apache2/ssl.crt/ca.crt"
    SSLCARevocationCheck chain
    SSLCARevocationFile "/etc/apache2/ssl.crl/ca.crl"
    SSLVerifyClient require
    SSLVerifyDepth 2
    ErrorDocument 403 "You need a valid client certificate on this site."
    ...

    # In dir - only check for kind of cert
    <Directory "/srv/www/repos/example-main">
        SSLRequire ( %{SSL_CLIENT_V_REMAIN} > 0 and %{SSL_CLIENT_S_DN_CN} in {"internal-client-d"} )
    </Directory>

    <Directory "/srv/www/repos/example-testing">
        SSLRequire ( %{SSL_CLIENT_V_REMAIN} > 0 and %{SSL_CLIENT_S_DN_CN} in {"test-client-b"} )
    </Directory>

    ...
```

All issues are solved and even the repodata directory can be secured now. So I am happy.

Unfortunately I am still confused why the former setup wasn’t working with zypper - which should have been… Is it a zypper issue? Is it a performance topic with apache2… :thinking:
For the moment I have no explanation to this.

It doesn’t seem wrong what I did before:

Anyway, thanks a lot for your support. :+1:
