Comment # 35 on bug 1221531 from Frederik Möllers

This workaround helped me on Leap 15.5 and might work for others, too:

1. Launch Firefox with 'NSS_IGNORE_SYSTEM_POLICY=1 firefox'
  * Do not uninstall any extensions!
  * Instead, re-install everything you had previously installed on top of your
old extensions
  * This should keep your extension settings (uBlock, password managers etc.)
2. Downgrade mozilla-nss and libsoftokn3
  * zypper in --oldpackage mozilla-nss=3.79.4-150400.3.29.1
  * zypper in --oldpackage libsoftokn3=3.79.4-150400.3.29.1
3. Prevent upgrades to those two packages for now:
  * zypper al 'libsoftokn3<=3.79.4'
  * zypper al 'libsoftokn3<=3.79.4'
4. Start Firefox with 'firefox --allow-downgrade'
  * Since you downgraded Firefox together with mozilla-nss, your profile is
newer than your (now) installed Firefox.
  * Even though Firefox warns about possible corruptions, for me nothing broke.
YMMV, though.
5. Now you can use firefox like you used to (without any command line
parameters and with all extensions).
6. Keep an eye on this bugzilla to see if you can remove the package locks.

I think this might be the best option without completely disabling security
checks. Sure, it keeps an obsolete version of NSS. But the other two options
seem to be to either disable extension signature checks completely or to not
use Firefox extensions for now.

Once the issue is fully resolved, you can remove the locks with 'zypper rl
libsoftokn3' and 'zypper rl mozilla-nss' and perform a regular (dist-)upgrade.