Firefox does not allow sites with self signed certificates, which is the case when using IIS Express. Best solution I've found thus far is go generate a certificate as per Installing a localhost certificate (for use in IIS), then replacing the IIS Express certificate using the answer to the Stackoverflow question at How do I change my IIS Express SSL certificate for one that will work with Chrome 58+?

Works a treat (and means that I'm using the same localhost cert across front end (Aurelia), legacy WCF service and a ASP.Net Core API - goodbye multiple certs expiring on differing dates)