Industry rules now completely forbid publicly trusted CAs from issuing certificates for internal names like .local. Sorry!
.local