Accessing and securing your key database files on Windows

The key database files might not have appropriate access permissions. You must set appropriate access to these files.

Set access control to the files key.kdb, key.sth, key.crl, and key.rdb, where key is the stem name of your key database, to grant authority to a restricted set of users.

Consider granting access as follows:

full authority: BUILTIN\Administrators, NT AUTHORITY\SYSTEM, and the user who created the database files.
read authority: For a queue manager, the local mqm group only. This assumes that the MCA is running under a user ID in the mqm group.; For a client, the user ID under which the client process is running.