# SSL on Local Mistake || Can’t fix **URL:** https://discourse.roots.io/t/ssl-on-local-mistake-can-t-fix/10057 **Category:** trellis **Created:** 2017-07-24T18:29:26Z **Posts:** 4 ## Post 1 by @encryptdesigns — 2017-07-24T18:29:26Z So I mistakenly setup https on my local setup. It was working initially, but since thenI decided to update my `development/wordpress_sites.yml` to this: ``` wordpress_sites: MYDOMAINNAME.COM: site_hosts: - canonical: local.MYDOMAINNAME.COM local_path: ../site # path targeting local Bedrock site directory (relative to Ansible root) admin_email: MYEMAIL multisite: enabled: false ssl: enabled: false provider: self-signed cache: enabled: false ``` Now every time I visit my local URL https keeps getting inserted. Do I need to update MySQL? I’ve already provisioned my vagrant box. What else could I try? Initially I thought it was a caching issue but it’s not :frowning: I’m still getting “[https://local.hybridinteractive.io](https://local.hybridinteractive.io)” instead of “[http://local.hybridinteractive.io](http://local.hybridinteractive.io)” when running locally. I don’t understand why this is happening. Is there something that I am missing besides updating the development/wordpress\_sites.yml file? I’ve reprovisioned my vagrant box, search mysql tables to no avail. Clearly there has to be something I’m missing. --- ## Post 2 by @alwaysblank — 2017-07-24T19:44:29Z Your browser may be using HSTS: [https://en.wikipedia.org/wiki/HTTP\_Strict\_Transport\_Security](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) Essentially, when a browser visits a site at `https://` it will remember that and _always_ redirect to `https://` on consequent visits, to prevent bad security situations. Unfortunately, this can be a problem during development sometimes. If that’s the problem, you’ll need to remove your domain from the HSTS cache in your browser. It varies by browser, but in Chrome you can fix it by going to chrome://net-internals/#hsts. --- ## Post 3 by @encryptdesigns — 2017-07-25T15:53:34Z Thanks for the help Ben. It looks like Firefox is now doing it only after I deploed changes. What would cause that? --- ## Post 4 by @encryptdesigns — 2017-07-25T18:45:07Z It looks like the only way to circumvent this issue is to use a .dev canonical url in the manifest and dev wordpress\_sites.yml file as browsers remember HSTS settings on sub-domains. Not ideal since if we were using TypeKit we could run into font loading issues, but it all works now.