Community
Technology Blog Posts by Members
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

How to .. Run SAP Cloud Connector on macOS Sequoia + Troubleshooting

ricardo_i_mata
Explorer
‎2025 Jun 27 6:56 AM
1,218

If you are like me and trying to "install"/run the SAP Cloud Connector on your mac to either connect to a on-premise service or SAP environment (S/4HANA or AEX) through your VPN connection, and have been going through multiple blogs and SAP Notes/KBA then this is the guide for you, stop jumping and check the step by step bellow.

Step 1: Accept and download the SAP Cloud Connector and SAP JVM packages.
Pretty obvious, right? Jump to https://tools.hana.ondemand.com/#cloud or Google "SAP Developer Tools" and search for Cloud Connector. 

ricardo_m117_0-1750997831136.png

In my case, my Mac is running an Intel chip, so I downloaded the x86_64 file. If your Mac has an ARM processor, please use the aarch64 option; both options are equivalent.

If you keep scrolling, you will find the SAP JVM section. This step is optional, but it is highly recommended to use the SAP JVM.

ricardo_m117_1-1750998109478.png

Note: I like to keep things simple and saved both in the same directory.

Step 2: Unzip the files.
This is easy, double click on the file or be fancy and do "tar -xzovf sapjvm-8.1.105-macosx-x64.zip" (which I recommend for the JVM)

tar -xzovf {filename-here}

If you did everything correctly, you will have the following.

ricardo_m117_2-1750998611315.png

Step 3: Set the environment variables
Okay, I know you might be running other applications and/or IDEs, and you don't want to interfere with your Java runtime. Open your favorite terminal and use the following two commands.

export JAVA_HOME=/Users/i53xxxx/sap-cc/sapjvm_8
export PATH=$JAVA_HOME/bin:$PATH

Note: Please change the value of JAVA_HOME to use the full path of your directory that contains the bin directory. Use mine only as a guide

ricardo_m117_3-1750999233815.png

Step 4: Trust the file or folder using xattr 
Trust me on this one and avoid a headache.

xattr -rd com.apple.quarantine /Users/i53xxxx/sap-cc/sapcc-2.18.1-macosx-x64

Note: I did the full directory, but technically you only need to trust "libsapscc20jni.dylib"

Step 5: Run the script with admin rights
The cloud connector needs certificates. It will run some commands, and it is recommended to run this with administrative rights. If you are using environment variables at your session level, then use the -E parameter.

sudo -E /Users/i53xxxx/sap-cc/sapcc-2.18.1-macosx-x64/go.sh

If you follow along, you should be having your own Cloud Connector running.

ricardo_m117_0-1751001610627.png

Open your browser and use either the address that shows on your terminal or localhost at https://localhost:8443 

ricardo_m117_1-1751001840816.png

Log in with "Administrator"
Note: At the time of this post, the default password is "manage".

 

 

Troubleshooting issues:

Issue with Java:

Detected mismatch between jdk binaries for directory) and scc binaries for x86_64
Stopping the process. Ensure to use the corresponding binaries either for x86_64 or for arm64
Set env variable NO_CHECK=1 to overcome this check

ricardo_m117_5-1750999574741.png

Solution: Use the SAP JVM and make sure when running the Cloud Connector, you are using the environment variables.

Issue: If you get the following errors when trying to connect to a subaccount

#ERROR#com.sap.core.connectivity.tunnel.core.handlers.TunnelClientErrorHandler#notification-client-5-1# #Unexpected problem during tunnel processing in channel Reason: error 60 - Operation timed out; Exception type: java.io.IOException
#INFO#com.sap.core.connectivity.tunnel.core.impl.context.TunnelRegistryImpl#notification-client-5-1# #Unregistered tunnel channel 
#INFO#com.sap.scc.config#https-jsse-nio2-8443-exec-7# #Configuration file not found: 
#INFO#com.sap.scc.config#https-jsse-nio2-8443-exec-1# #User null stopping Tunnel account:///a240e5b0-aecf-4dd4-a317-d821ea3bd80a/mavr-demo in state DISCONNECTED for account id-here in region cf.region-here.hana.ondemand.com
-#INFO#com.sap.core.connectivity.tunnel.client.sso.TrustConfigurationServiceImpl#https-jsse-nio2-8443-exec-1# #Successfully deleted IDP configuration for tunnel id 'account:///id-here'
#ERROR#com.sap.scc#https-jsse-nio2-8443-exec-1# #Obtaining subaccount certificate failed. See 'Log and Trace Files' and in particular scc_core.trc for details. Associated entries were logged on or around 2025-06-25 23:56:51,771 -0500. Consult SAP note 2460641 for possible remedies.

 Solution: Install a certificate in your Cloud Connector

ricardo_m117_2-1751002936957.png

I know this is a demo or PoC, but where do you get a signed certificate?
If you have access to SAP BTP, you can generate Service Instances and Service Keys. In my case, I created a signed certificate from the Process Integration Runtime. Transformed the Public-PEM and Private PEM into a P12 

ricardo_m117_3-1751003184232.png

ricardo_m117_4-1751003307692.png

ricardo_m117_5-1751003338109.png

The process is quite simple: copy the public certificate into a file named my-public.pem file and copy the key or private into a my-private.pem file and run the following openssl command: 

openssl pckcs12 -export -out my-p12-file.p12 -in my-public.pem -inkey my-private.pem

After this, the connection to the subaccount should be successful.

I hope this easy how-to has been helpful.

Best regards 🖖🏻
Ricardo

 

 

1 Comment