Any reason Wireshark cannot decrypt local https server

edit

Thanks for providing the packet capture. The traffic to your server is using port 8088 which is not listed as an https port by default. This means Wireshark does not know how to interpret the TCP payload. Therefor it will only show the TCP payload as data.

Open the preferences and go to Protocols and then HTTP. Then add 8088 to the SSL/TLS Ports list and click on OK. You should now see the TCP payload being interpreted as TLS and whan you now configure the TLS protocol preferences to point to the right SSLKEYLOGFILE, decryption should work.

Without any information to go on besides "Dycryption for my local site does not work" and "decryption for some other sides does work" it is not possible to determine the reason why.

There are two major reasons for decryption to fail:

• There was a browser window still open, so it did not take the SSLKEYLOGFILE variable (this does not seem to be your case, as you can decrypt some sites, but I'm not sure they were tried in the same session)
• There was TLS session resumption, in which case the keying information needed to construct the TLS session keys with the logged pre-master secrets was not captured.

Is the random number in the ClientHello towards your server listed in the SSLKEYLOGFILE? If not, there is something going wring in the collection of the pre-master secrets. If it is there, which cipher is chosen in the ServerHello? Do you see the full TLS handshake or a resumed one?

Can you make an example packet capture of a page on your server that is not privacy sensitive and share the pcap and keys file (on a public file share service like dropbox, onedrive, etc)?