diff --git a/README.md b/README.md
index 9bc0094..e0185a1 100644
--- a/README.md
+++ b/README.md
@@ -541,6 +541,10 @@ Status endpoint, used for *healthcheck*.
 
 Shows current runtime environment variables and their values.
 
+**`GET /-/config/root-ca`**
+
+Returns the Root-CA Certificate which is used. This is required for patching `nvidia-gridd` on 18.x releases.
+
 **`GET /-/readme`**
 
 HTML rendered README.md.
diff --git a/app/main.py b/app/main.py
index 0894adb..60377b9 100644
--- a/app/main.py
+++ b/app/main.py
@@ -53,6 +53,7 @@ PRODUCT_MAPPING = ProductMapping(filename=join(dirname(__file__), 'static/produc
 
 # Create certificate chain and signing keys
 ca_setup = CASetup(service_instance_ref=INSTANCE_REF)
+my_root_certificate = Cert.from_file(ca_setup.root_certificate_filename)
 my_ca_certificate = Cert.from_file(ca_setup.ca_certificate_filename)
 my_si_certificate = Cert.from_file(ca_setup.si_certificate_filename)
 my_si_private_key = PrivateKey.from_file(ca_setup.si_private_key_filename)
@@ -148,6 +149,11 @@ async def _config():
     })
 
 
+@app.get('/-/config/root-ca', summary='* Root CA', description='returns Root-CA needed for patching nvidia-gridd')
+async def _config():
+    return Response(content=my_root_certificate.pem().decode('utf-8'), media_type='text/plain')
+
+
 @app.get('/-/readme', summary='* Readme')
 async def _readme():
     from markdown import markdown
diff --git a/test/main.py b/test/main.py
index 2547412..fda7354 100644
--- a/test/main.py
+++ b/test/main.py
@@ -16,7 +16,7 @@ sys.path.append('../')
 sys.path.append('../app')
 
 from app import main
-from util import CASetup, PrivateKey, PublicKey
+from util import CASetup, PrivateKey, PublicKey, Cert
 
 client = TestClient(main.app)
 
@@ -26,6 +26,7 @@ ORIGIN_REF, ALLOTMENT_REF, SECRET = str(uuid4()), '20000000-0000-0000-0000-00000
 
 # CA & Signing
 ca_setup = CASetup(service_instance_ref=INSTANCE_REF)
+my_root_certificate = Cert.from_file(ca_setup.root_certificate_filename)
 my_si_private_key = PrivateKey.from_file(ca_setup.si_private_key_filename)
 my_si_private_key_as_pem = my_si_private_key.pem()
 my_si_public_key = my_si_private_key.public_key()
@@ -74,6 +75,12 @@ def test_config():
     assert response.status_code == 200
 
 
+def test_config_root_ca():
+    response = client.get('/-/config/root-ca')
+    assert response.status_code == 200
+    assert response.content.decode('utf-8') == my_root_certificate.pem().decode('utf-8')
+
+
 def test_readme():
     response = client.get('/-/readme')
     assert response.status_code == 200