It's because they're using a stricter form of https, which fails if your company messes with the certs (I'm guessing proxy problems).
This is what it looks like for me:
> Certificate Error
There are issues with the site's certificate chain (net::ERR_CERT_AUTHORITY_INVALID).
Issued To
Common Name (CN) blog.torproject.org
Organisation (O) <Not Part Of Certificate>
Organisational Unit (OU) <Not Part Of Certificate>
Issued By
Common Name (CN) $my_company Web Gateway
Organisation (O) $my_company
Organisational Unit (OU) $my_company_infrastructure_unit
11.3. Using HSTS in Conjunction with Self-Signed Public-Key
Certificates
If all four of the following conditions are true...
o a web site/organization/enterprise is generating its own secure
transport public-key certificates for web sites, and
o that organization's root certification authority (CA) certificate
is not typically embedded by default in browser and/or operating
system CA certificate stores, and
o HSTS Policy is enabled on a host identifying itself using a
certificate signed by the organization's CA (i.e., a "self-signed
certificate"), and
o this certificate does not match a usable TLS certificate
association (as defined by Section 4 of the TLSA protocol
specification [RFC6698]),
...then secure connections to that site will fail, per the HSTS
design. This is to protect against various active attacks, as
discussed above.
However, if said organization wishes to employ its own CA, and self-
signed certificates, in concert with HSTS, it can do so by deploying
its root CA certificate to its users' browsers or operating system CA
root certificate stores. It can also, in addition or instead,
distribute to its users' browsers the end-entity certificate(s) for
specific hosts. There are various ways in which this can be
accomplished (details are out of scope for this specification). Once
its root CA certificate is installed in the browsers, it may employ
HSTS Policy on its site(s).
For loads more digital and physical security manuals and advice (from using TOR to dealing with physical surveillance) that work offline on your phone, we launched an open source app called Umbrella to make it a bit easier.