I working on this for weeks and I have exactly the same problem as you. Don't know why there are no way to configure a certificate in Tenant B > Enterprise Applications > My application
And SAML Request always returns the same certificate...
For the part of the claims, I think I can help you, you need to grant Ownership to one admin of the Tenant B then this user can configure claims in Single Sign-On section of your Enterprise Application.