LocalWP not secure

When either I click Open site or WP Admin the browsers - Chrome, Firefox & Opera indicate that my Local site is not secure. I have followed the following URLs instructions for fixing the problem:

I have also installed Rosetta through terminal.
softwareupdate --install-rosetta
This procedure fixed the problem in Safari but not for the other browsers.






System Details

Local Version 9.0.1+6673

MacOS Sonoma 14.4.1


Local Logs

Attach your Local Logs here (Help Doc - Retrieving Local’s Log)
local-logs.zip (9.6 KB)


Hi @jpruim

Did this work in a previous version of Local or was this your first attempt at using the app?

We also have some other troubleshooting steps here that you could try as well:

I had a previous, older install of MacOS. It Local worked fine then. I believe that I had the same version of Local installed. I updated my computer’s operating system to MacOS 14.4.1 and my computer started acting up in many ways, including problems with Mail and Local no longer working, so I rebuilt the operating system with a fresh install to the latest MacOS and most browsers still gave the Not Secure warning. Going thru the process outlined above, I was able to get Safari to apparently work properly, but Chrome, Firefox and Opera still say Not Secure. I have the Lock icon on Safari, so I’m guessing it is recognizing the SSL certificate. It says Trusted on the Local site page.

I deleted my site and rebuilt it. It goes to “pronouncedprime.local” now instead of “https://pronouncedprime.local”. The SSL Certificate appears to be trusted on Safari, Chrome and Opera now when I type in the URL manually.

Firefox gives me this warning:

Warning: Potential Security Risk Ahead

Firefox detected a potential security threat and did not continue to pronouncedprime.local. If you visit this site, attackers could try to steal information like your passwords, emails, or credit card details.

I ran the following in the Site Shell from Local that opened in Terminal:
wp search-replace ‘http://pronouncedprime.local’ ‘https://pronouncedprime.local

Terminal said that it changed 9 instances or something like that.

I get the same results, no changes. Local doesn’t take me to “https://” when I click the Open Site button. I tried quitting Local and restarting with same results. I tried quitting Local, turning off my firewall, relaunching Local. Same results. Firewall is back on now.

Hi @jpruim

Thank you for the updates here! So to sum it it’s not working everywhere except in Firefox? Or does it only work when typing in manually?

As another step in troubleshooting, have you tried clearing the cache and cookies on your browser and then closing your active sessions to start with a clean slate?

How do I clear my browser’s cache?

You might also check on your network cache. There are some different things to try and get around network caching. Restarting your device, restarting the network router/modem, using a VPN connection, or adding a cache-breaking path to the end of the site that’s cached. Adding /? followed by any 4 random characters (/?1234 for example) will sometimes break the cache as well.

Additionally, does this happen with all sites? If you create a new, blank site for example now is the behavior the same?

Currently it now works everywhere except Firefox, if I add “https://” to pronouncedprime.local

But otherwise browsers don’t have the lock symbol, have a lock with a red line through it or simply say Not Secure.

I know you mentioned rebuilding your site at some point but if you create a new, blank site in Local and Trust the SSL is the behavior the same for that one?

Same results with a fresh site build. I changed the name to PronouncedPrime01. I went through the process of Always Trust the SSL Cert in Keychain Access. Then the SSL Cert worked in all browsers when changing “pronouncedprime01.local” to “https://pronouncedprime01.local” in the browsers URL field. This worked for all browsers except Firefox which is still says “Not Secure”, “Warning: Potential Security Risk Ahead”. I ran Site Shell to replace ‘http://pronouncedprime01.local’ with ‘https://pronouncedprime01.local’ with no effect. Terminal told me it “Made 9 replacements”. Since Site Shell didn’t help, I ran Better Search Replace plug-in as a dry run for good measure. Better Search Replace found no instances to replace.

I think I’d be happy at this point if I could just get Local’s “WP Admin” and “Open Site” buttons to got to “https://pronouncedprime01.local” instead of “pronouncedprime01.local”

I checked with our Local devs on this, and they reminded me that the issues you’re facing have already been on our radar, and bugs have been filed. Specifically, there is an issue with Firefox not trusting our certs, and then there is another bug with our Open Site widget not opening directly in HTTPS. As mentioned, both of these have been filed with bugs for the team already so for now, your best bet will be to utilize a browser other than Firefox and manually update the HTTPS protocol as you have been.