It is a self-signed, therefore not providing authentication, only traffic encryption.
The default validity (30 days) is too short.
As there is no auto-renewal mechanism, a longer default period is appropriate.
Since the database can be exposed to the outer world, it seems better to
have an encrypted connection to it.
We automatically generate a self-signed certificate since it's only used
to encrypt the connection but one can easily replace it by a custom one,
just overwrite `server.crt` and `server.key` in the
/var/lib/dokku/services/postgres/DB_NAME/data directory.
