I need to send data from a security appliance to a Splunk Heavy Forwarder on a listening port using TCP-TLS. Getting the errors below everytime in opt/splunk/var/log/splunk/splunkd.log that Splunk is started.

ERROR    SSLCommon - Can't read key file    /opt/splunk/etc/certs/cert.pem    errno=151441516 error:0906D06C:PEM    routines:PEM_read_bio:no start line.
ERROR    TcpInputConfig - SSL server    certificate not found, or password is    wrong - SSL ports will not be opened
ERROR    TcpInputConfig - SSL context not    found. Will not open raw (SSL) IPv4    port 17814

Here are the steps I followed:

1. Generated CSR file on my Heavy Forwarder and sent to my certificate provider to have it signed.
2. Received *.cer back from my certificate provider.
3. Ran following command to convert *.cer into *.pem: openssl x509 -inform pem -in certificate.cer -outform der -out certificate.pem
4. Copied cert.pem & InternalRootCA.pem to /opt/splunk/etc/certs

5. Here is my inputs.conf

   [SSL]
   rootCA = $SPLUNK_HOME/etc/certs/InternalRootCA.pem
   serverCert = $SPLUNK_HOME/etc/certs/cert.pem
   password = ***************
   requireClientCert = false
   [tcp-ssl://17814]
   sourcetype = syslog
   index = **
   Restart Splunk & I get errors:

   ERROR SSLCommon - Can't read key file /opt/splunk/etc/certs/cert.pem errno=151441516 error:0906D06C:PEM routines:PEM_read_bio:no start line.
   ERROR TcpInputConfig - SSL server certificate not found, or password is wrong - SSL ports will not be opened
   ERROR TcpInputConfig - SSL context not found. Will not open raw (SSL) IPv4 port 17814
   The cert folder only includes the two files
   InternalRootCA.pem
   cert.pem