Download and install SAP SecureLogin Client (SAP SINGLE SIGN ON / SAP SINGLE SIGN-ON 3.0 / COMPRISED SOFTWARE COMPONENT VERSIONS / SECURE LOGIN CLIENT 3.0)
Create a new SAP GUI connection. An example of the connection string: “conn=/H/mysaphost.sap.mycompanydomain.com/S/3200&sncqop=9&sncname=p:CN=PRD, OU=SAP-HEC, O=SAP SE, C=DE”. You can verify the SNCNAME using SNCCONFIG transaction, parameter snc/identity/as.
Go to STRUST and download the certificate: SNC SAPCRYPTOLIB (If not, try SYSTEM PSE and SSL SERVER STANDARD)
Install the certificate into macOS KeyChain (SYSTEM keychain) and make it “ALWAYS TRUSTED”
Run the terminal and execute the following command: kinit [email protected] or kinit –keychain [email protected] for keychain storage Using the keychain, it should prompt for a password again when the Kerberos ticket expires or You can use “Ticket Viewer” app to create and update the credentials