VyOS 1.4 - openconnect and Let's encrypt certificate

I am trying to setup openconnect VPN with a let’s encrypt certificate.
I have created the certificate with the hostname FQDN as subjectname.
I have two problems (related).
The first is that I really don’t understand the new way of pointing out certificates with:
set vpn openconnect ssl ca-certificate
set vpn openconnect ssl certificate
What should pki-ca-name be for the Let’s encrypt R3 certificate? (It contains a singlequote that is not accepted).

Where do the certificates need to be placed for the config to find them?

If I try to “guess”/“test” the names (I just tried R3 for pki-ca-name and my FQDN for pki-cert-name) and do commit I get the error message: “PKI not configured”.

Is there someone who has this working with the new way of pointing out certificates? Pointing at files was a bit clearer to me.

I figured it out myself. Posting my solution here incase someone has the same problem.

Get the R3 certificate inserted in the config

TEMP=`tail -n +2 /etc/ssl/certs/GTS_Root_R3.pem | head -n -1 | tr -d '\n'`
set pki ca R3 certificate $TEMP

Get my Letsencrypt certs into the config

TEMP=`sudo tail -n +2 /etc/letsencrypt/live/replace.this.with.your.name/cert.pem | head -n -1 | tr -d '\n'`
set pki certificate openconnect certificate $TEMP
TEMP=`sudo tail -n +2 /etc/letsencrypt/live/replace.this.with.your.name/privkey.pem |head -n -1 | tr -d '\n'`
set pki certificate openconnect private key $TEMP

I have also written a script to update my configuration that is intended to be run from crontab after renewing the certificate from let’s encrypt.

#!/bin/vbash
source /opt/vyatta/etc/functions/script-template
configure
delete pki certificate openconnect
TEMP=`sudo tail -n +2 /etc/letsencrypt/live/replace.this.with.your.name/cert.pem | head -n -1 | tr -d '\n'`
set pki certificate openconnect certificate $TEMP
TEMP=`sudo tail -n +2 /etc/letsencrypt/live/replace.this.with.your.name/privkey.pem |head -n -1 | tr -d '\n'`
set pki certificate openconnect private key $TEMP
commit
save
exit

In my openconnect setup I point to the certs with.

set vpn openconnect ssl ca-certificate 'R3'
set vpn openconnect ssl certificate 'openconnect'