It's better to contact the web operators and tell them of the problem. I've noticed that much of the time they have simply forgotten to renew :O and most of those are happy I've reminded them.
If you're continuing to add exceptions, it would be wise to avoid wifi connections. CAT 5/6 connections are very difficult to break into, but anything over WLAN or wifi is at risk.
I know it can be... irritating... but if a web operator won't fix the problem or bother responding to my emails, I refuse to use the website. FF provides us with you-beaut encryption and certificate management, we should take advantage of them. Of interest, K-M is possibly the most securable browser around, heaps better than Chromium-base or Pale Moon!
My setup has only TLS enabled, and no fallback to SSL. All SSL ciphers have been explicitly disabled in config. There are very few sites that give problems, only one which makes life inconvenient, but I do have a simple work-around for that one: go to the Post Office and do my business there!
____________________
Understanding the scope of the problem is the first step on the path to true panic. [Florence Ambrose, "Freefall" 01372 January 22, 2007
http://freefall.purrsia.com/ff1400/fv01372.htm]