What is the final step after pointing dbparm.ini to the new key in HSM?

Once you have pointed the dbparm.ini file to the new key in the Hardware Security Module (HSM), the final step is to restart the Vault. This restart is crucial because it ensures that the Vault service recognizes the changes made in the configuration file and begins using the new cryptographic key specified in dbparm.ini. Restarting the service allows the system to load the new settings properly, thus activating the use of the new key for any cryptographic operations that follow.

Interacting with the HSM or modifying configuration files without restarting the Vault would mean that the service continues to operate with the old settings, leading to potential security risks or system errors. Therefore, it is essential to perform the restart to complete the process seamlessly and securely.