Issue
- You are attempting to connect to your Heroku Postgres database with a third-party tool, such as Amazon Quicksight. This tool is trying to use SSL verification but the connection is failing.
- You are trying to find the CA files or certificate for your Heroku Postgres server.
Resolution
Amazon Quicksight and similar tools require that SSL connections be negotiated with CA-verifiable certificates.
Unless you're using a Private or Shield Heroku Postgres database, Heroku Postgres does not currently support verifiable certificates. Our certificates will change when the underlying hardware has issues and we move your database away from it. As such, these tools cannot be used with Heroku Postgres unless you can configure them to use traditional username/password authentication.
For Private or Shield Heroku Postgres databases, you can use Mutual TLS to create a secure and mutually authenticated channel between an external resource and your database. With this feature, Heroku will generate CA-verifiable certificates that you can download and configure in your client/external tool.