The Firefox certificates policy seem not to work in combination with PAC settings (proxy auto configuration script). So creating the policies.json file has no effect, a SSL/TLS cert issued from a private CA won’t be accepted. Even adding a root cert from a private CA to the cert store over the security settings doesn’t work while using PAC. Any solution known here, maybe even in accepting generally self-signed SSL/TLS certificates after check of their thumbprint?