Unable to re-connect to WP Engine

Issue Summary

I’ve been using Local successfully for quite some time and have migrated various WP sites with the tool, but for about 2 months now I can’t connect to WP Engine. I get the error “Something went wrong. Please try again in a few minutes.”, and there is no way forward.

Troubleshooting Questions

  • Does this happen for all sites in Local, or just one in particular?

On all sites, since it is the application that cannot connect.

  • Are you able to create a new, plain WordPress site in Local and access it in a Browser?

Yes, all sites work fine on Local.

Replication

There are no specific steps to replicate. It is simply the dialog to connect to WP Engine. I have reinstalled Local and also generated new API keys without success.

System Details

  • Which version of Local is being used?
    6.7.1+6369

  • What Operating System (OS) and OS version is being used?
    Windows 10 Enterprise


local-logs.zip (22.0 KB)

Hi there @SantiMB - welcome to the Local community! :wave:

Have you reviewed this help doc regarding troubleshooting that connection?

Let me know if that helps!

Sam

Hi Sam,

Thank you very much for your answer. I just tried that by creating some new API credentials and it failed, but now I’ve done it again and it still fails. Add that the log shows these two new lines in my current attempt:

{"localVersion":"6.7.1+6369","osPlatform":"win32","osRelease":"10.0.19044","osArch":"ia32","windowsEdition":"Microsoft Windows 10 Enterprise","linuxEdition":null,"level":"warn","message":"Electron Event ready","timestamp":"2023-05-02T14:14:08.602Z"}
{"thread":"main","reason":{"code":"UNABLE_TO_GET_ISSUER_CERT_LOCALLY"},"p":{},"eventId":"79f4cd0618bd46bebf4eef77f19a027a","level":"warn","message":"Unhandled Rejection.","timestamp":"2023-05-02T14:14:09.085Z"}

And one more thing that I don’t know if it’s related: if I try to Log in to Local from the application I get an error “Failed to obtain access token” in the browser, but the user logs in fine. The log shows this line:

{"thread":"main","reason":{"name":"InternalOAuthError","message":"Failed to obtain access token","oauthError":{"code":"UNABLE_TO_GET_ISSUER_CERT_LOCALLY"}},"p":{},"eventId":"6846c959bda649549d977e5a427e8dee","level":"warn","message":"Unhandled Rejection.","timestamp":"2023-05-02T14:21:42.421Z"}`

In both cases there is an UNABLE_TO_GET_ISSUER_CERT_LOCALLY error.

Any more ideas? Is there anything I can look at on my computer? It was working fine for a long time.

Kind regards,
Santiago M.

Hey @SantiMB !

The error UNABLE_TO_GET_ISSUER_CERT_LOCALLY likely is related to the issue, and it basically means that when Local was trying to connect to a remote server over HTTPS, it wasn’t able to get the security certificate to make the request.

I notice that you’re on Windows 10 Enterprise – is this a work machine? I ask because it might be that there are some security settings in place that are preventing third-party apps (like Local) from making request to places on the internet. In the cases you’re describing, Local is:

  1. For the Connect connection, Local is trying to upload it’s ssh key to the remote server.
  2. For logging into Local Hub, Local is trying to use Oauth to authenticate with that remote service.

Can you let us know a little more about the security in place for this laptop? It might also be that some security settings were recently changed, like during a Windows upgrade. Let us know what you find!

Thanks for your answer Ben. That’s exactly what I was suspecting, since it’s a work computer with managed security policies. Today I have installed Local on my PC and have had no problem connecting to WP Engine or logging into Local. Do you know what server Local is trying to connect to so I can inform my security admins to allow access?

Ah nice! We probably should put together a more formal doc of all the remote URLs that Local reaches out to for situations like this. I think these are the main urls that you’d want to whitelist, but I’d be curious if I missed something:

  • https://hub.localwp.com
    • Connects the Local Desktop app to the Local Web account. Certain Web-focused features require Local Web to do things on the Desktop app’s behalf. For example, the Backups Addon or Live Links feature.
  • https://api.wpengineapi.com/
    • To use Connect to WP Engine, the Local desktop app needs to generate and upload a key to WPE.
  • https://app.getflywheel.com
    • Powers the Connect to Flywheel functionality.
  • https://cdn.localwp.com/
    • Local Desktop is bundled with preferred services (php/mysql/nginx), but will reach out to this domain to download additional services as you select them.

Let us know if that gets you going on your work computer or if you run into other issues!

2 Likes

Thank you Ben.

I have communicated this to my security team. I will keep you informed.

1 Like

Hello again Ben,

My company’s security team have whitelisted these 4 addresses, but Local is still unable to connect to WP Engine or log into the Local website. On my home computer I see that Local opens a connection on port 443 against an IP address that corresponds to api.wpengineapi.com when I connect to WP Engine. That does not happen on my work computer. I have explained this to my company’s security team and am waiting for a response. Can you think of anything else I can try?

Thank you.

Finally my company’s cybersecurity team, apart from adding the 4 addresses to the whitelist, has also added them to the selective decryption list to bypass HTTPS inspection. Local is now working perfectly.

Thank you very much for the support Ben.

Kind regards,
Santiago M.

3 Likes

This topic was automatically closed 36 hours after the last reply. New replies are no longer allowed.