Information
When Firefox encounters an invalid certificate and the user clicks 'Add Exception', a dialog is displayed with a text box to fetch the certificate from the given URL. This preference controls whether Firefox will or will not automatically fill in the URL text box and auto-fetch the certificate on behalf of the user. Setting this preference to 0 forces the user to enter a URL and click the 'Get Certificate' button before adding an exception for an invalid cert.
Requiring the user to manually enter the server's URL and fetch the certificate may provide additional opportunity to scrutinize the certificate before adding an exception for a potentially fraudulent certificate.
Solution
Perform the following procedure:
* Open the mozilla.cfg file in the installation directory with a text editor
* Add the following lines to mozilla.cfg:
lockPref('browser.ssl_override_behavior', 0);