I actually fell into this trap! One day I was struggling to figure out why I could no longer access one of my web servers. I thought that it was due to one of my plugins. After much hair pulling I found out that it was because someone (or perhaps an automated bot) had added my domain to the hsts preload list. As a short term fix I added the certificate of my web server to my trusted root ca dtore, and now that LetsEncrypt supports IPv6 I now have a real certificate (albeit one that does not work in BB10 since the native browser does not trust user-installed root certificates).