When Credhub is enabled by checking “Secure service instance credentials” in the SCS 1.5.x tile with PAS 2.0.5, the deploy-service-broker errand fails with the following error: "deploy-service-broker failed: Secure service instance credentials is enabled but no CredHub server is available. Verify the PAS and Spring Cloud Services configuration."
 

There are two options to workaround this issue:

1. Follow the below steps to disable SSL certificate verification:

a. Copy the Operations Manager (Ops Manager) Root CA, which can be obtained from the Ops Manager Root CA.
b. Copy the Ops Manager Root CA to the Bosh Director > Security > Trusted Certs.  

This will mark the Ops Manager's Root CA as trusted on all Bosh Virtual Machines (VMs) and in all Application Containers. This should allow errands and applications to successfully talk with Credhub.

“Apply Changes” using Ops Manager.

2. Please use this option only as a backup if the first option is not viable for you. Uncheck the "Disable SSL certificate verification for this environment" option on the PAS tile Networking page.

• PAS Tile > Networking > Disable SSL certificate verification for this environment