Option to safely yet simply add exceptions for java, flash and self signed certs?

Oh it's alright, I don't use Firefox much but I know the universal and correct way to trust any Certificate Authority, including the self singed certificate, is this way:
- In Windows RUN, enter "certlm.msc" (with Admin rights)
- navigate to the Trusted Root Certificate Authorities store (should be the 2nd from top)
- right-click anywhere and select import then browse for your self signed certificate CA.

to get this certificate you need to go to the computer/server where you generated the self signed certificate, go to its Trusted Root Certificate Authorities store and export it. now when exporting, you should first decide if it's going to be used on a server or client. if it's a server then export with private key, if it's a client don't export with private key.

You're right, almost all companies and developers that provide support for their clients have/will have provided the update for Flash removal by that time.
though there are some 3rd party emulators for Flash but since it won't be getting any more security updates from Adobe, the security risk is fairly high.