Use common key and certificate for the system

Makefile

@@ -32,8 +32,8 @@ all: cyrus-config imapd-config cyrus-imapd-service services default-sieve
 	install -v -m750 -o cyrus -g mail -d /var/lib/cyrus
 	install -v -m750 -o cyrus -g mail -d /var/spool/cyrus
 	install -v -m750 -o cyrus -g mail -d /var/spool/sieve
-	openssl req -new -x509 -nodes -out /var/lib/cyrus/server.pem -keyout /var/lib/cyrus/server.pem -days 3650 -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=localhost"
-	chown cyrus:mail /var/lib/cyrus/server.pem
+	openssl req -new -x509 -nodes -out /etc/ssl/private/server.pem -keyout /etc/ssl/private/server.pem -days 3650 -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=localhost"
+	chown cyrus:mail /etc/ssl/private/server.pem
 	sudo -u cyrus cyrus-imapd-3.2.3/tools/mkimap
 	@echo "d /run/cyrus 755 cyrus mail -" > /usr/lib/tmpfiles.d/cyrus.conf
 	@echo "$$CYRUS_IMAPD_SERVICE" > /lib/systemd/system/cyrus-imapd.service
@@ -218,11 +218,11 @@ sasl_auto_transition: no
 
 # File containing the global certificate used for ALL services (imap,
 # pop3, lmtp, sieve)
-tls_server_cert: /var/lib/cyrus/server.pem
+tls_server_cert: /etc/ssl/private/server.pem
 
 # File containing the private key belonging to the global server
 # certificate.
-tls_server_key: /var/lib/cyrus/server.pem
+tls_server_key: /etc/ssl/private/server.pem
 
 # File containing one or more Certificate Authority (CA) certificates.
 #tls_client_ca_file: /etc/ssl/certs/cyrus-imapd-ca.pem