Breadcrumbs

Enable the Vault

  1. Set the following environment variable to allow Vault to be accessed from a web browser through a web user interface. Append the following line to the /etc/profile.d/vault.sh file and log in again with a new session.

export VAULT_ADDR=http://127.0.0.1:8200

  1. Enable the Vault.

# systemctl enable vault.service

  1. Start the Vault service.

# systemctl start vault.service

  1. Check that the Vault service is running.

# systemctl status vault
4679ca46-63fb-499b-b246-55abdbcacf96.jpg


Vault Service Status

  1. Check the Vault status.

# vault status
tmpfup4dpk6.png


Vault Status

  1. Initialize the Vault to use the HSM and note the initial root token value.

# vault operator init
74d739f5-7007-4d2b-958b-ea9544e3a164.jpg


Vault Initialization

  1. Verify that the keys got generated on the HSM.

# p11tool2 slot=<sot_no.> LoginUser=<slot_PIN> listobjects
07e1455a-9cbc-43e5-9e67-6ffa1e94380f.jpg


List Keys

  1. Check the Vault status again and verify that it is initialized and unsealed.