Deployed LLM API HTTPS Connection

Your deployed LLM exposes an HTTPS API that is compatible with OpenAI-style clients. In some deployments, the HTTPS endpoint uses a certificate signed by a private/self-signed Certificate Authority instead of a public CA.

Download the certificate here:

https://llmingo-bucket-public.s3.us-east-1.amazonaws.com/root.crt

Save it locally as:

root.crt

Why the root certificate is required

HTTPS clients verify the server certificate before sending requests. Since this deployment uses a private certificate chain, your client may not trust the endpoint by default.

Without the root certificate, you may see errors such as:

SSL certificate problem: self-signed certificate in certificate chain

or:

certificate verify failed

Adding root.crt allows your application to verify the deployed LLM endpoint securely while keeping HTTPS validation enabled.

Required environment variables

Before running the examples, set the following values:

export BASE_URL="https://your-llm-api-endpoint.com"
export API_KEY="your-api-key"
export ROOT_CA_PATH="./root.crt"

curl "$BASE_URL/v1/chat/completions" \
  --cacert "$ROOT_CA_PATH" \
  -H "Authorization: Bearer $API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "model": "your-model-or-deployment-id",
    "messages": [
      {
        "role": "user",
        "content": "Explain what object storage is in one sentence."
      }
    ],
    "temperature": 0.7,
    "max_tokens": 256
  }'

Production notes

• Always keep TLS verification enabled.
• Use the provided root.crt instead of setting insecure flags like -k, verify=False, or rejectUnauthorized: false.
• Store the certificate in a trusted location in your application image, VM, or runtime environment.
• Rotate the certificate when a new root.crt is issued.
• Ensure BASE_URL uses https://, not http://.

For production deployments, the recommended approach is to bake root.crt into the application container or mount it as a secure runtime secret, then reference it through ROOT_CA_PATH.