The following is a bit hard to describe but I saw an example where Firefox' was completely locked when visiting a simple webpage (basically the webpage is also broken I think but FF should handle it better IMHO).
That is happening at least with FF3.5rc2
How to reproduce:
- visit https://www.videobuster.de
- you'll get a certificate warning as the CA is apparently not in NSS
- choose to add an exception for this certificate/site (temporary is enough)
- proceed to the site
- you will get more certificate warnings since the site refers to other hosts
using the same certificate but you cannot add exceptions for them
Result: Your Firefox session became unusable because of the modal JS alert
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1) Gecko/20090616 Firefox/3.5
works for me perfectly : no temporary exception was needed
I tested with a deleted cert8.db file, so that only built-in certificates would be used. The chain of certificates used by www.videobuster.de added the UTN-USERFirst=Hardware certificate (under AddTrust, serial number 26:21:1B:F5:2A:EB:51:B0:0B:FA:9F:DD:8D:36:DA:9E), while there is a similar named certificate (built-in) under The USERTRUST network, serial number 44:BE:0C:8B:50:00:24:B4:11:D3:36:2A:FE:65:0A:FD) I don't know if this is normal or not.
Oh, right. Checking with a fresh profile worked for me too.
The "AddTrust External CA Root" is marked as non-trusted for me but I can only partly remember why. There was an issue with that CA at some point:
Ok, still the main issue is not about this particular certificate but to reproduce it, it should be enough to uncheck the trust bits.