I have tried to set up two FortiAnalyzer 300G in Geo-Redundant HA. Version 7.6.2.
The devices are at two different locations and have identical hardware and setup.
It always failed to sync the initial config.
On the secondary FAZ I only see these logs:
FAZxxxxxxx, dvm, dvmcmd control, Unregistered device xxxx_FG201F add failed, Add device, xxxx_FG201F, Unregistered device xxxx_FG201F add failed
FAZxxxxxxx, fazsys, system, Unable to accept logs from Device (FG201Fxxxx 10.xx.xx.x) due to internal error, errcode=-1002.,Receive logs, Fail to receive logs.
The first time, I solved this problem by exporting the logging device list and importing it to the secondary before setting up HA. But after the upgrade to 7.6.2 this no longer worked.
I was just about to create a support ticket, but then I got the idea about the certificate.
We have an internal PKI and have installed our own certificate for FAZ.
The SAN is correct, and the CA and chain certs are installed. All looks good.
So I had used the certificate from the PKI in the HA config.
FAZ1 # config system ha
(ha)# show
config system ha
    set local-cert "xxxFAZ1"
    set mode a-a
    set group-id 10
    set group-name "FAZ"
    set hb-interface "port1"
    set password ENC xxx
    config peer
        edit 1
            set addr "10.x.xx.xx"
            set serial-number "FAZxxx"
        next
    end
    set unicast enable
end
To ensure that the certificate is not the problem, I have installed both certificates on both devices.
But it did not solve the problem.
Finally, the solution was to use the default certificate in config system ha.
config system ha
    set local-cert ""
end
Note: "" means that the default certificate will be used.
Once I set it to default, the initial sync worked.