Cloud Foundry service broker connection issue

We have the Conjur tile installed in our NP and PR Cloud Foundry environments. We have tested in the NP environment, but are unable to bind to the service in PR.

# cf login -a
API endpoint:



Targeted org security-pam

Targeted space cyberark-dap

API endpoint: (API version: 2.120.0)
Org: security-pam
Space: cyberark-dap
# cf create-service cyberark-conjur community conjur
Creating service instance conjur in org security-pam / space cyberark-dap as …
The service broker returned an invalid response for the request to Status Code: 500 Internal Server Error, Body: {“status”:500,“error”:“Internal Server Error”}

Does anyone have any experience with the PCF integration with Conjur?

1 Like

Hi Chris,

It looks like you are having an issue creating a service instance in that org/space. Have you been able to create service instances in other spaces in this foundation? Can you have someone with access to the service broker check that the application is up and running and/or share the service broker application logs?

Please also verify the version of the Conjur tile that you are working with.


Moved to the AAM/DAP category

The PCF tile is v1.1.0 and DAP is 10.11. I see a more recent version of the tile was released recently.

Also, I am able to bind other services to this space.

[clb10@C02QX3NQFVH5MBP ~]# cf create-service app-autoscaler standard autoscaler
Creating service instance autoscaler in org security-pam / space cyberark-dap as clb10…

I think the more recent release was just to update a dependency in response to a CVE, so that shouldn’t cause the issue you’re seeing. I think the next step is to get more information about the state of the service broker application and its recent logs, and we should open a SalesForce case to discuss this further. Can you please work with your account executive to open a SF ticket about this issue?

Thanks :slight_smile:

1 Like

Thanks Geri! Already on it. I was mainly hoping against hope that someone else has seen this and had a simple fix.


As a follow-up for anyone who may find this useful in the future, we tracked it down to an incorrect value for ‘PCF Conjur Policy Branch ID’ in the tile configuration. We had entered pcf-eb, which it should have been pcf\pcf-eb

1 Like

Thanks Chris! We’re going to work on adding this to the health check for the service broker too to make sure we catch this earlier in the future - please see the github issue to track this change.