You have recently upgraded Firefox to 32.0 (or newer). Your ProxySG has policy to intercept SSL traffic but when you go to some sites using Mozilla (or Chrome), you get an error message like this:
Like Chrome, Mozilla has a new feature called certificate pinning.
Pinning allows the owner of a web site to determine (on the server side) which certificate has to be present in the certificate chain. If this certificate is present in the current chain, content will be shown, otherwise we get the above error message.
This happens because the SG has to forge certificates in order to perform SSL-Interception - these forged certificates obviously don't match the original certificates on the web site.
There are several ways to address this:
Confirm the warning, and you'll be presented with a rather long list of options. In the search box type: pinning
This will show you the option to enforce/enable/disable pinning support. The values mean:
There is no right or wrong way to deal with this - you will need to make the decision which way you will go depending on your company's policies.
Official documentation from Mozilla is available here: https://wiki.mozilla.org/SecurityEngineering/Public_Key_Pinning