CNet reports that researchers from Carnegie Mellon University found that users ignore “Invalid certificate” warnings:
The conclusion? Essentially, use an external rating system that ignores certificate validity and instead uses a database to look up benign and dangerous web sites.
I think the real problem is that certificates are simply too expensive. Drop the prices, make a valid certificate mandatory for HTTPS by default, and provide a way to obtain valid certificates for free for intranet use, and the problem will go away on its own.