SSL Certificate Expired on xnat.bmia.nl – How to Proceed?
19 views
Skip to first unread message
Kyle Chehin
Jul 22, 2025, 10:03:17 AM7/22/25
to xnat_discussion
Hi all,
I'm currently working with the XNAT instance hosted at https://xnat.bmia.nl, but I’ve run into an issue accessing it from my Python script. I'm getting the following SSL error:
SSLError: HTTPSConnectionPool(host='xnat.bmia.nl', port=443): Max retries exceeded with url: /(Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:852)')))
After some investigation, I noticed that the SSL certificate for the site expired 9 days ago. As a result, HTTPS requests are being blocked due to certificate verification failure.
Could someone advise on the best way to handle this?
-
Is there a plan to renew the certificate soon? Do I just wait for that?
-
Is there a temporary workaround that’s considered safe?
-
Or is there an alternative endpoint I should use?
Thanks in advance for your help!
Best regards,
Kyle
Evi Vanoost
Jul 28, 2025, 3:00:03 PM7/28/25
to xnat_discussion
You'd have to contact the owners of the bmia.nl XNAT instance.
Perhaps you're using an old URL? https://xnat.health-ri.nl/
Perhaps you're using an old URL? https://xnat.health-ri.nl/
Rick Herrick
Jul 28, 2025, 3:28:19 PM7/28/25
to xnat_di...@googlegroups.com
You can configure your HTTP client to ignore certificate errors. How this is done really depends on the client, but you can do it with requests like this:
import requests
import urllib3
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
response = requests.get('https://xnat.bmia.nl/xapi/xxx', verify=False)
import urllib3
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
response = requests.get('https://xnat.bmia.nl/xapi/xxx', verify=False)
You can omit the call to urllib3.disable_warnings() but then your script will emit warnings every time it connects to the site with the invalid certificate.
If you're using base Python libraries, you'll just need to look in the documentation for, e.g., http.client or whatever it is you're using.
Note that this is "safe" if you know that the site itself is safe and you're certain that the connection is protected (i.e. behind a firewall or other protected network environment), but could expose you to man-in-the-middle attacks, which manifest in a similar way, if you're going outside of a protected environment. MITM is unlikely but possible.
As for that site, you might log into the UI then go to Help -> Report a problem. It's possible the site administrator(s) are unaware of the issue.
Rick Herrick
Senior Software Developer
--
You received this message because you are subscribed to the Google Groups "xnat_discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to xnat_discussi...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/xnat_discussion/d851b0ed-cb7c-46ae-9bc1-926b26068aa6n%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages