New version gives SSL_ERROR_UNKNOWN_CA_ALERT on my client certs. Guess I have to go back to Chrome now...
Just import your CA
It's already installed, that's not it.
Does FF use a different cert-store than os? I've frequently had to fiddle with os/app cert-stores to get them to trust. Not just import the cert but the signer too, some times on both sides. I'll likely hit this issue when I upgrade.
It does have it's own cert store. You can test your sites with testssl.sh [1] to see if they validate correctly. It only depends on openssl and bash. If you have your own self signed CA/certs, then you would have to import them into FF.