Okay, you are right. Unfortunately it is impossible to test this on any computer that has ever bypassed the error, even with caches disabled or cleared, so we have had to use browsershots.org. We especially thought the problem was solved, since GoogleBot has been able to crawl the site...
It appears that although it was fixed on FireFox 4 on our last offending computer, it was somehow not fixed for you. In any case it seems the ssl_client_certificate directive in nginx.conf does absolutely nothing (at least for browsers that have never seen "GeoTrust Extended Validation SSL CA" before) and we needed to concatenate all 3 SSL certificates into one file to get them to chain properly.