Your keys shouldn't be readable by everyone on your system.
Your problem should be that Mosquitto switches to a different user.

Your mosquitto.conf omits user, which defaults to the user "mosquitto".
Either ensure the certificate files can be read by that user, or configure to use a different user 👍