Arista LDAP

Foxpass ssl profile:

management security
ssl profile foxpass-ssl
trust certificate foxpass.pem
trust certificate DigiCertGlobalRootG2.pem

Configuration

aaa authentication login default group ldap local
aaa authorization exec default group ldap local
management ldap
server defaults
base-dn dc=8080,dc=io
rdn attribute user uid
search username cn=network_devices,dc=8080,dc=io password 0 <redacted>
!
server host ldap.foxpass.com
ssl-profile foxpass-ssl
authorization group policy foxpass-policy
!
group policy foxpass-policy
search filter objectclass groupOfNames attribute member
group "network_admin" role network-admin
group "network_ro" role network-operator

It does require installing both the CA and complete Foxpass SSL cert chain into /persist/secure/ssl/certs/ of the switch. This can be accomplished by building an RPM and installing it as an extension so that stale certs are automatically cleaned up when there are updates. Instructions to build an RPM are here.