Order of contents of the .pem file is also important. It should contain
unencrypted private key first, then a signed certificate
(not certificate request).
There should be also empty lines after certificate and private key.
Plaintext certificate information appended on the top of generated certificate
should be discarded. So the file should look like this:
-----BEGIN RSA PRIVATE KEY-----
[encoded key]
-----END RSA PRIVATE KEY-----
[empty line]
-----BEGIN CERTIFICATE-----
[encoded certificate]
-----END CERTIFICATE-----
[empty line]