Information
The keystore stores encryption keys used to encrypt your database. Losing the key will make the data inaccessible. If the keystore with encryption keys is lost, there is no way to decrypt the data.
Rationale:
The contents of your keystore are critical and it is important that you back up the keystore at regular intervals. Backups should be done whenever the contents of the keystore changes, such as when a key or certificate is added, a master key (MK) is rotated, or the password is changed.
For local keystore files, the configuration file is not included as part of a Db2 database backup and must be backed up manually.
For a centralized keystore, consult the documentation for your keystore product to understand their recommendations for keystore backups.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
Regularly backup your keystore and stash files, using mechanisms outside of Db2.