packagegroup-ima: RRECOMMEND certificates rather than private keys

Do not even try pulling private keys into rootfs.

Signed-off-by: Dmitry Eremin-Solenikov <dmitry_eremin-solenikov@mentor.com>

meta-integrity/recipes-base/packagegroups/packagegroup-ima.bb

@@ -15,6 +15,6 @@ RDEPENDS_${PN} += "\
 
 # Note any private key is not available if user key signing model used.
 RRECOMMENDS_${PN} += "\
-    key-store-ima-privkey \
-    key-store-system-trusted-privkey \
+    key-store-ima-cert \
+    key-store-system-trusted-cert \
 "