Breadcrumbs

Enable the Vault

  1. Set the following environment variable to allow vault to be accessed from a web browser through web user interface. Append the following line to the /etc/profile.d/vault.sh file and login again with a new session.

vault.sh

export VAULT_ADDR=http://127.0.0.1:8200

  1. Enable the vault.

›_ Console

# systemctl enable vault.service

  1. Start the vault service.

›_ Console

# systemctl start vault.service

  1. Check that the vault service is running.

›_ Console

# systemctl status vault

tmp8gjo459j.jpg

Vault service status

  1. Check the vault status.

›_ Console

# vault status

tmp4o2nga5t.jpg

Vault status

  1. Initialize the vault to use the HSM and note initial root token value.

›_ Console

# vault operator init

tmp73duj1mt.jpg

Vault initialization

  1. Verify that the keys got generated into the HSM.

›_ Console

# p11tool2 slot=<sot_no.> LoginUser=<slot_PIN> listobjects

tmp2exwaf8f.jpg

List keys

  1. Log in to vault using the Initial Root Token saved above.

›_ Console

# vault login <initial_root_token_vaule>

tmpwcjh9mlk.jpg

Vault login

  1. If you want to read the license status information run the below command.

›_ Console

# vault read sys/license/status

tmp1p3lx89d.jpg

Vault license