There is usually no need to create a security exception.

Where and why do you have to create an exception?

Make sure that you do not run Firefox in (permanent) Private Browsing mode (Never remember history).

• https://support.mozilla.org/kb/Private+Browsing

In the certificate exceptions dialogue box. Doesn't matter why - I have been doing so for ten years.

What I meant is which websites require you 990you to add an exception.

Check the date and time in the clock on your computer: (double) click the clock icon on the Windows Taskbar.

Check out why the site is untrusted (click "Technical Details to expand that section) and if this is caused by a missing intermediate certificate then see if you can install this intermediate certificate from another source.

You can retrieve the certificate and check details like who issued certificates and expiration dates of certificates.

• Click the link at the bottom of the error page: "I Understand the Risks"

Let Firefox retrieve the certificate: "Add Exception" -> "Get Certificate".

• Click the "View..." button and inspect the certificate and check who is the issuer of the certificate.

You can see more Details like intermediate certificates that are used in the Details pane.

If "I Understand the Risks" is missing then this page may be opened in an (i)frame and in that case try the right-click context menu and use "This Frame: Open Frame in New Tab".

Note that some firewalls monitor (secure) connections and that programs like Sendori or FiddlerRoot can intercept connections and send their own certificate instead of the website's certificate.