Firefox doesn't want to negotiate HTTPS with sites that have wildcarded site certificates.
My school library has a proxy server for connecting to subscriptions at various content providers. The site certificate is wildcarded, because the proxy server's name becomes the domain for the particular site to which the authenticated user is connecting. This has been the recommended way for libraries to connect institutionally with commercial content providers since at least 2000. The attachment shows the response that I get when I connect to my library with Firefox. You aren't allowed the opportunity to tell Firefox to accept the certificate as legit and connect anyway, which is extremely annoying.