Comment 6 for bug 1639807

Did a lot more investigation in to this. Turns out, even with the CA used by certmonger (/etc/pki/ca-trust/source/anchors/cm-local-ca.pem) imported in to Firefox, we still see exceptions when connecting to SSL endpoints on nonstandard HTTP ports (e.g. anything not :443). That has to do with:

https://bugzilla.mozilla.org/show_bug.cgi?id=700837

It doesn't appear that they're too interested in changing this behavior, either.

The only way I was able to make the UI work in Firefox is by allowing exceptions to each endpoint that UI would communicate with. This is preformed via Options -> Preferences -> Advanced -> View Certificates -> Server, clicking the "Add Exception" button on the bottom, and adding an exception for each of:

http://<undercloud>:13000
http://<undercloud>:13004
http://<undercloud>:13385
http://<undercloud>:13989
http://<undercloud>:13808
http://<undercloud>:9000