i.e. I just want them to be permanently accepted all the time.

No, you cannot. Other people answering this question, please read it more closely. He wasn't asking how to add an exception, or fix a broken certificate. He wanted to TURN OFF THE CHECK COMPLETELY.

The Mozilla people erred on the side of caution by making this impossible. On the one hand it's annoying, but on the other hand, their security mindset is one of the reasons Firefox is so much safer than IE.

If you want to make exceptions just a little bit easier, type "about:config" in the address bar (no quotes), and type browser.ssl_override_behavior into the Filter, double-click the "Value", and change it to "2". Now exceptions require one less click.

check out the perspective firefox addon. It makes firefox 3 automatically accept self-signed certificates.

http://www.cs.cmu.edu/~perspectives/

Here's the answer!

* Tools -> Options -> Advanced -> Encryption -> View Certificates
* Under Authorities tab, enter "RSA Security 1024" in the Search textbox.
* Select RSA Security 1024 V3 and press the Edit button.
* Uncheck all three options
* Press OK and close out the rest of the dialogs. 

The certificate authority won't be trusted for anything, and so have been effectively disabled.

The certificate authority is not unknown or in malicious hands or anything, its just not in use and hasn't been audited. See http://blog.mozilla.com/security/2010/04/06/removing-the-rsa-security-1024-v3-root/

You need to import the certificate issuers certificate so that any other certs. issues by that issuer don't give this warning.

In firefox go to: prefs advanced encryption view certificates authorities and then click import

If you have a root certificate for your issuer you can import it here and never see that error again.

For those of us who either...

• Don't trust one of hundreds/thousands built-in "authorities" (which occasionally found to be on the list "by accident", or can be used for outrightly malicious purposes - think goverments) and/or security policies of any of them (any single compromised key can forge silent "all clear" for any site, after all, and - surprise - they do).
• Don't like the cool tradeoffs like five clicks to get any cryptographic protection against casual listener on a site which somehow didn't paid it's ssl tax (and no, you can't know in advance whether owner actually did that and you're victim of MitM attack)... hm, you can actually buy an item and pay for it in less than that in a sensible UI.
• Don't want to take part (for some mysterious reason) in all this commercial "pay or we'll spam you to death" circus altogether (which apparently can be mistaken for security).
• Have need to connect to lots of various router/server https interfaces which generate their certificates.
• ...

...partial solution can be a "MitM me" extension, which at least lowers the click count.

I know it's an old thread, but for future reference, this FF extension makes the trick:

https://addons.mozilla.org/en-US/firefox/addon/skip-cert-error/

I think you need to get the certificate issued by a "root certificate authority" that the browser will know in advance, e.g. Verisign.

http://www.verisign.co.uk/ssl/ssl-information-center/

There's other suppliers too. Trail ones available here....

http://www.geotrust.com/

Good description of the issue and what might work best for you depending on your requirements here...

http://www.boutell.com/newfaq/creating/whichcert.html