While you can normally trust otherwise insecure certificates, this is not possible if the website is or was sending as HSTS (HTTP Strict Transport Security) header. Keep in mind that HSTS is cached once received and sticks until it expires, which can be quite far in the future.
As per this answer on Security SE, you can find the Firefox HSTS cache in your Firefox profile in a file called SiteSecurityServiceState.txt
. Before continuing, create a backup copy of the file. You then have two options: Delete the file entirely, losing HSTS protection entirely for all sites until you visit them again. Or just remove the conflicting line(s). This file has Linux/Unix line breaks, so make sure to use an appropriate editor.
If you do not control the site, there is nothing you can do. Methods still exist, of course, like MITM’ing the connection using a proxy to replace the certificate and/or remove the header. However, I would not consider this an appropriate solution.
Instead, the site operator must fix their site. It’s 2023. They should be using Let’s Encrypt or a similar service. If they are unwilling to, they must not send HSTS headers.
Obsolete answer content:
You must also make sure this site of yours does not send as HSTS header. If you want to continue using HSTS, you may be better off creating a proper CA that then issues site certificates. Firefox can then trust the CA.