This procedure applies to both peers. Repeat the procedure on each
FortiGate unit, using the correct IP address for each. You may wish to
vary the Phase 1 names but this is optional. Otherwise all steps are the
same for each peer.This is the best sol...
Might be an easier way of doing this but here's what worked for
me:[ol]Install letsencrypt on a box with tcp/80, tcp/443
open.Temporarily point the DNS A record of your SSL VPN at the box
you're going to run letsencrypt on.Run letsencrypt-auto -d
vpn...