SAC iOS Mobile App - how to find the right certificate for SSO to Live-BW

Hi Community,

I want to enable SSO towards a Live-BW connection in the SAC iOS mobile app.
Which personal certificate is needed to "Import with Analytics" in the iOS sharing menu as described here (SAP HELP)

To be clear:

• SAML2-SSO to SAC already works in a regular browser.
• SAML2-SSO to live-BW already works in a regular browser.
• It even works on my iPhone using Safari Browser with automatic VPN Tunnel.
• I need the live-connection working in the iOS App

There have been similar questions asked but I can not find more details about how to obtain the correct certificate.
My "certificate-admins" in the company were no help so far because they have never seen such a strange "Import to App" thing. And SAP is dodging the bullet by just saying "your idP, your problem to figure it out".

Thanks for taking your time and helping me out.

Best regards
Stefan