postgres: where do you store the client ssl certificat ?

do you hide it in the desktop app ?
do you simply put it in the xojo project without hiding it ?
do you copy it to the ~/.postgresql folder at the first startup ?

what is the best practice ?

for write or read :

#if DebugBuild 
  f = GetFolderItem("settings.xml",0)
  #if TargetMacOS
    f = app.ExecutableFile.Parent.Parent.Child("settings.xml")
  #elseif TargetLinux
    f = app.ExecutableFile.Parent.Child("settings.xml")
  #elseif TargetWindows
    f = app.ExecutableFile.Parent.Child("settings.xml")

For mac U press right pad or mouse on app icon and select ‘show package contents’
For windows file are in executable folder

U can use copy file in build step and copy in ‘Contents Folder’ …

I wonder if it is a security problem to expose the client certificate like this in the ressource folder of the App.
should I encrypt the certificate, and decode it when the App runs ?