If a site is HSTS, we don't allow an override if a user encounters a certificate verification error when visiting it. However, it's still possible to make it look like an override has been added by using the certificate manager (about:preferences -> advanced -> view certificates -> servers -> add exception). This is probably a bit confusing to users since adding an exception that way won't do anything (i.e. if they then try to visit that site, they'll still see the certificate error page that lacks the option to add an override).

so, what can I do? And what's the reasoning for not allowing an exception for power users to begin with???

see also Bug 1119778 and Bug 902884

Adding exceptions should be allowed, at least through a manual dialog. This is becoming a considerable pain for those of us who have removed startssl/wosign from the trusted root store. For example, https://wiki.python.org uses a startcom certificate and HSTS. So it's now impossible to view that site AFAICT without re-trusting startssl, even to look at public wiki pages. The user should be allowed to decide whether to override HSTS using their knowledge of the content semantics of the page they want to visit. If it's a page they'd be willing to visit with regular HTTP then they should be able to accept the untrusted certificate.

see also Bug 1381462