User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0 Build ID: 20180813220525 Steps to reproduce: [UX] "The certificate does not come from a trusted source." isn't very useful information without showing me what the signature of the cert actually *is* (who is the issuer? Which source is it, that is untrusted?). Of course I can copy out the cert text from below in a text file and open up with openssl, but that wastes 7-10 minutes of my time (unless you're the kind of person that works with certs daily) to find out something that Firefox clearly has already evaluated, and hence could just display to me in more detail. Steps to reproduce: 1. Browse to HTTPS website that is misconfigured such that it leads to this error: "The certificate does not come from a trusted source." / MOZILLA_PKIX_ERROR_ADDITIONAL_POLICY_CONSTRAINT_FAILED Actual results: No other useful information is displayed. Expected results: Issuer name, signature chain to any root certs (if present) is shown, with remarks which are revoked or no longer valid (if the case), so I don't need to dig around with OpenSSL to get at least a basic understanding of why Firefox doesn't like the cert

Ah. I can see the details, but only if I dare click "Add exception..." - but IMHO it's not a good thing to make me click that before telling me the details of what's going on. (compare also https://bugzilla.mozilla.org/show_bug.cgi?id=1483207 which is a similar issue with the "Continue..." button) It feels a little like a bad dare / extortion to require me to consent to adding an exception already, before even acknowledging there are more details to this issue that I might want to know.