Which step is performed first when integrating HSM after Vault installation?

When integrating a Hardware Security Module (HSM) after the installation of a Vault, the first step is to ensure that the communication between the Vault and the HSM is possible. Opening the firewall port to HSM as specified in the dbparm.ini file is crucial because it allows the Vault to establish a secure connection to the HSM. Without this network communication being established, any subsequent steps, such as enrolling the Vault, encrypting PIN codes, or restarting the Vault, cannot be successfully completed, as the systems need to be able to communicate over the appropriate ports for integrity and security.

Setting the firewall port properly safeguards against unauthorized access while simultaneously allowing legitimate traffic necessary for the integration process. This ensures that the Vault can connect to the HSM for secure operations like key management and encryption tasks, forming the foundational step in the integration process. Therefore, this step is essential and must be prioritized before any further actions can be taken.