Heroku may change the certificate for api.heroku.com as part of platform maintenances. This may affect your Heroku apps if they satisfy any of the following conditions:
- Pins custom ICA/Root certificates
- Hard-codes the acceptance of ICA/Root certificates
- Bundles their own trust store
If your app does any of the above, you'll likely have issues interacting with the Heroku API (api.heroku.com).
We recommend performing the following actions:
- Update your custom certificate bundle and redeploy your app
- Avoid pinning or hard-coding root or ICA certificate acceptance or make the necessary changes to ensure certificates issued from the ISRG Root X1 certificate hierarchy are trusted i.e. they can chain up to their trusted ISRG Root X1 root certificate. For further details see: https://letsencrypt.org/docs/certificate-compatibility/, and https://letsencrypt.org/certificates/