Product
BAML
Problem Statement / Use Case
Many enterprise and development environments use self-signed certificates for internal LLM API proxies or locally hosted model endpoints. When running test cases in the BAML Playground plugin against these endpoints, the request fails with the following error:
ServerError (500) Request failed with status code: 500 Internal Server Error
{"error":"self signed certificate"}
Since v0.55.2, BAML supports DANGER_ACCEPT_INVALID_CERTS to disable HTTPS verification. However, after setting the environment variable DANGER_ACCEPT_INVALID_CERTS=1, the Playground plugin still rejects self-signed certificates. The setting appears to work in other BAML execution contexts (e.g., CLI), but the Playground plugin seems to use its own HTTP client or runtime that does not read or honor this variable.
This blocks interactive testing and development in environments that rely on self-signed certificates.
Steps to Reproduce
All of the following methods were tested, and none resolved the self-signed certificate error:
-
System environment variable — Set via set (session-level) and setx (persistent) on Windows, verified to be present in the shell session. Restarted VS Code after setting.
-
Baml: Env Var File — Created a .env file in the project root with:
DANGER_ACCEPT_INVALID_CERTS=1
Configured the plugin setting Baml: Env Var File to point to this .env file. Reloaded VS Code window.
-
Baml: Env Var Command — Configured the plugin setting Baml: Env Var Command with:
echo DANGER_ACCEPT_INVALID_CERTS=1
Reloaded VS Code window.
Result: All three methods failed. The Playground plugin still returns {"error":"self signed certificate"}, indicating that the plugin does not pass DANGER_ACCEPT_INVALID_CERTS to its internal HTTP client.
Proposed Solution
Ensure the Playground plugin's internal HTTP client reads and honors the DANGER_ACCEPT_INVALID_CERTS environment variable, consistent with the behavior already supported in the BAML CLI since v0.55.2.
Alternative Solutions
- Add a dedicated setting in the BAML Playground plugin (e.g.,
baml.dangerAcceptInvalidCerts) so users can toggle certificate verification directly within the plugin configuration, without relying on environment variables. This should apply to all supported IDEs (VS Code, JetBrains, etc.).
- Support
.env file configuration — allow the Playground plugin to read DANGER_ACCEPT_INVALID_CERTS from a .env file in the project root.
Additional Context
- The environment variable was set via both
set (session-level) and setx (persistent) on Windows, and verified to be present in the shell session.
- The same endpoint works correctly when accessed via BAML CLI with
DANGER_ACCEPT_INVALID_CERTS=1.
- The BAML Playground plugin is available across multiple IDEs (VS Code, JetBrains, etc.), so the solution should ideally be IDE-agnostic.
- BAML version: 0.220.0
- IDE & version: VS Code 1.113.0
- OS: Windows 10
Product
BAML
Problem Statement / Use Case
Many enterprise and development environments use self-signed certificates for internal LLM API proxies or locally hosted model endpoints. When running test cases in the BAML Playground plugin against these endpoints, the request fails with the following error:
Since v0.55.2, BAML supports
DANGER_ACCEPT_INVALID_CERTSto disable HTTPS verification. However, after setting the environment variableDANGER_ACCEPT_INVALID_CERTS=1, the Playground plugin still rejects self-signed certificates. The setting appears to work in other BAML execution contexts (e.g., CLI), but the Playground plugin seems to use its own HTTP client or runtime that does not read or honor this variable.This blocks interactive testing and development in environments that rely on self-signed certificates.
Steps to Reproduce
All of the following methods were tested, and none resolved the self-signed certificate error:
System environment variable — Set via
set(session-level) andsetx(persistent) on Windows, verified to be present in the shell session. Restarted VS Code after setting.Baml: Env Var File— Created a.envfile in the project root with:Configured the plugin setting
Baml: Env Var Fileto point to this.envfile. Reloaded VS Code window.Baml: Env Var Command— Configured the plugin settingBaml: Env Var Commandwith:Reloaded VS Code window.
Result: All three methods failed. The Playground plugin still returns
{"error":"self signed certificate"}, indicating that the plugin does not passDANGER_ACCEPT_INVALID_CERTSto its internal HTTP client.Proposed Solution
Ensure the Playground plugin's internal HTTP client reads and honors the
DANGER_ACCEPT_INVALID_CERTSenvironment variable, consistent with the behavior already supported in the BAML CLI since v0.55.2.Alternative Solutions
baml.dangerAcceptInvalidCerts) so users can toggle certificate verification directly within the plugin configuration, without relying on environment variables. This should apply to all supported IDEs (VS Code, JetBrains, etc.)..envfile configuration — allow the Playground plugin to readDANGER_ACCEPT_INVALID_CERTSfrom a.envfile in the project root.Additional Context
set(session-level) andsetx(persistent) on Windows, and verified to be present in the shell session.DANGER_ACCEPT_INVALID_CERTS=1.