Firefox tends to be more strict with certificates than other browsers. The cert chain is possibly broken somewhere, and Firefox will not go searching for intermediate certs to fix the problem itself, like some other browsers.

@crankygoat

As long as the full chain of certs is sent to Firefox, and the certs don't have issues which would affect your downloading, additional installation shouldn't be necessary. You can test domains, assuming they are publicly accessible, here (for example): https://www.ssllabs.com/ssltest/

I only mention the cert chain as you say the issue does not occur over HTTP.

Do the all the Firefox browsers have extensions which could cause the issue?

The CSP is pretty permissive, but doesn't specifically allow blob:, which isn't covered by * as far as i know. I have no idea if that even matters, i am not an expert here.

This could be a valid bug, but a bug report would need to be reproducible, but you are operating in a complex enterprise environment with possibly proprietary or bespoke web applications.

Hopefully someone else can assist you, or you can possibly file a bug report if that is feasible. Best wishes in getting this sorted out!

adding blob: solved the issue

567y89iiuytyy