I had this problem also. Just rename the CER to PEM was enough :)

我也有这个问题。只需将 CER 重命名为 PEM 就足够了:)

To expand on existing answer, like explained by ssl.com, a .cer file can be either in der or pem encoding. If it is in der encoding, you'll need to do conversion like you have done, but if it is already in pem encoding, no conversion is necessary and you get the error you've got if you try - and you can just rename the file.

为了扩展现有答案，如ssl.com 所解释的，.cer 文件可以是 der 或 pem 编码。如果是 der 编码，则需要像之前那样进行转换，但如果它已经是 pem 编码，则不需要转换，如果尝试，则会出现错误 - 您只需重命名文件。

If you're unsure, it is good to know that .der is a binary format, whereas .pem is ascii one. If you echo the contents of your certificate out, a .pem file would look something like this:

如果您不确定，最好知道 .der 是一种二进制格式，而 .pem 是 ascii 格式。如果您将证书的内容回显出来，.pem 文件将如下所示：

-----BEGIN CERTIFICATE-----
MIIEuTCCA6G[snip lots of chars]
XmCpajQ==
-----END CERTIFICATE-----

And a .der file would look like this:

.der 文件如下所示：

0??0???@*?H?????0
0??1
    0   UUS10U
VeriSign, Inc.10U
                 VeriSign Trust Network1:08U

I have similar issue with CRT format which give me error during converting to pem. I do same thing like L0g0ff and it works. Below more details.

我有类似的 CRT 格式问题，在转换为 pem 时会出错。我做同样的事情，比如 L0g0ff 并且它有效。下面有更多细节。

1. I checked details of certificate:

   openssl x509 -in certificate.crt -noout -text

2. after changing extension to from certificate.crt to certificate.pem I get file in expected format:

1. 我检查了证书的详细信息：

   openssl x509 -in certificate.crt -noout -text

2. 将扩展名从certificate.crt更改为certificate.pem后，我得到了预期格式的文件：

-----BEGIN CERTIFICATE----- ........................... -----END CERTIFICATE-----

-----BEGIN CERTIFICATE----- ........................... -----END CERTIFICATE-----