diff --git a/mail-server/common.nix b/mail-server/common.nix
index 12d7b96..42d0180 100644
--- a/mail-server/common.nix
+++ b/mail-server/common.nix
@@ -26,7 +26,7 @@ in
 else if cfg.certificateScheme == 2
 then "${cfg.certificateDirectory}/cert-${cfg.domain}.pem"
 else if cfg.certificateScheme == 3
- then "/var/lib/acme/${cfg.hostPrefix}.${cfg.domain}/fullchain.pem"
+ then "/var/lib/acme/mailserver/fullchain.pem"
 else throw "Error: Certificate Scheme must be in { 1, 2, 3 }";
 
 # key :: PATH
@@ -35,6 +35,6 @@ in
 else if cfg.certificateScheme == 2
 then "${cfg.certificateDirectory}/key-${cfg.domain}.pem"
 else if cfg.certificateScheme == 3
- then "/var/lib/acme/${cfg.hostPrefix}.${cfg.domain}/key.pem"
+ then "/var/lib/acme/mailserver/key.pem"
 else throw "Error: Certificate Scheme must be in { 1, 2, 3 }";
 }
diff --git a/mail-server/nginx.nix b/mail-server/nginx.nix
index 71f6c28..52a0bbb 100644
--- a/mail-server/nginx.nix
+++ b/mail-server/nginx.nix
@@ -20,6 +20,7 @@
 with (import ./common.nix { inherit config; });
 
 let
+ inherit (lib.attrsets) genAttrs;
 cfg = config.mailserver;
 allDomains = [ cfg.domain ] ++ cfg.extraDomains;
 acmeRoot = "/var/lib/acme/acme-challenge";
@@ -38,7 +39,7 @@ in
 acmeRoot = acmeRoot;
 });
 };
- security.acme.certs."${hostPrefix}.${domain}" = {
+ security.acme.certs."mailserver" = {
 # @todo what user/group should this run as?
 user = "postfix"; # cfg.user;
 group = "postfix"; # lib.mkDefault cfg.group;
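Review bot: The literal `mailserver` in the scheme-3 certificate path has to match the attribute name under `security.acme.certs` in nginx.nix by hand, and the same literal is repeated for the key path in the second common.nix hunk. A single binding exported from common.nix, for example `acmeCertName = "mailserver";` used as `"/var/lib/acme/${acmeCertName}/fullchain.pem"`, `"/var/lib/acme/${acmeCertName}/key.pem"` and `security.acme.certs.${acmeCertName}`, would keep the three places from drifting. A mismatch would leave the mail daemons configured with a certificate and private-key path that the ACME unit never writes. Hosts that already run scheme 3 presumably hold their certificate under the old per-host directory, so the commit message should say whether the services are ordered after the first issuance into the new one. The enclosing `if` chain starts outside the hunk.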
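Review bot: Renaming the attribute to `security.acme.certs."mailserver"` changes the requested name unless `domain` is set explicitly, because `security.acme.certs.<name>.domain` defaults to the attribute name. If the part of the attribute set below this hunk does not already set it, add `domain = "${hostPrefix}.${domain}";` so the certificate is still issued for the mail host's FQDN. The existing `# @todo` on `user`/`group` matters more now that one shared directory holds the key. `key.pem` would be owned by `postfix`, so any other daemon that reads the key path from common.nix needs group read access rather than a world-readable key. This needs confirming against the service definitions, which are not in this diff.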