Cisco2921 WebVPN. Can not import certificate for anyconnect.

Delvin127562
Level 1

Hello everyone.
I'm trying to import a certificate for my WebVPN clients on my router C2921.
Can you please help me understand what I am doing wrong? The certificates are base64.
Step by step:
1. Making new trustpoint for Root CA

ssl-proxy#config terminal
ssl-proxy(config)#crypto ca trustpoint CA_ROOT
ssl-proxy(ca-trustpoint)#enrollment terminal PEM
ssl-proxy(ca-trustpoint)#revocation-check none
ssl-proxy(ca-trustpoint)#exit

2. Importing certificate for Root CA.

ssl-proxy#config terminal
ssl-proxy(config)#crypto ca authenticate CA_ROOT

Enter the base 64 encoded CA certificate.
End with a blank line or the word "quit" on a line by itself

-----BEGIN CERTIFICATE-----
MIIHyTCCBbGgAwIBAgIBATANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJJTDEW
MBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwg
Q2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNh
...
O3NJo2pXh5Tl1njFmUNj403gdy3hZZlyaQQaRwnmDwFWJPsfvw55qVguucQJAX6V
um0ABj6y6koQOdjQK/W/7HW/lwLFCRsI3FU34oH7N4RDYiDK51ZLZer+bMEkkySh
NOsF/5oirpt9P/FlUQqmMGqz9IgcgA38corog14=
-----END CERTIFICATE-----
quit

Certificate has the following attributes:
Fingerprint MD5: ***
Fingerprint SHA1: ***

% Do you accept this certificate? [yes/no]: yes
Trustpoint CA certificate accepted.
% Certificate successfully imported

3. Additional trustpoint for certificate chain+private key.

ssl-proxy(config)#crypto ca trustpoint CA_INTANDSERV
ssl-proxy(ca-trustpoint)#enrollment terminal PEM
ssl-proxy(ca-trustpoint)#revocation-check none
ssl-proxy(ca-trustpoint)#exit

4. As I understand it, Cisco needs a private key encrypted with 3DES. I had it unencrypted from GlobalSign. To encrypt it, I used this command:
openssl rsa -in ssl-key.pem -out ssl-key-des3.pem -des3

5. Importing the key with the certificate chain in the following order: intermediate chain -> encrypted key -> certificate

ssl-proxy(config)#crypto pki import CA_INTANDSERV pem terminal password *
% Enter PEM-formatted CA certificate.
% End with a blank line or "quit" on a line by itself.
-----BEGIN CERTIFICATE-----
MIIGNDCCBBygAwIBAgIBGTANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQGEwJJTDEW
MBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwg
...
mVv3yh6zTKYoXOMjH722m0oPwmgFsNLVrRSMtGt3Vvh0oSoDCjOi594tqTwaemkt
FyGcXud7db/MkwC2MU0DC1QZX3YQpjuP/keRY/U46/oOwaqI8JnhNd6xyn4H4ufz
UAgl+Pu/aphb4RlClRuEL38a/Kq70wujW77vBXiEmjVOKnIkI2OElZ/AyIQS/jZf
AJX+NnYi6tU=
-----END CERTIFICATE-----
quit
% Enter PEM-formatted encrypted private General Purpose key.
% End with "quit" on a line by itself.
-----BEGIN ENCRYPTED PRIVATE KEY-----
8bSB63XVf1XKDUw3vROmurUsSYmxMfvZZJHq3zbM5LVQnoNepGUrwWTdLdxG/BWa
L9bsTtfXmSCrG+YEdfiWDdkQFmpk/+smH8fP1mMkcrfef1ZBphB4q4GfOTOdBQ2W
kwVsygVPufp3O9V1rUDdN6/iA4fq5neZ7jVo9GRLNpBZjZz11YZe0rOxjDjLcFoW
...
e4hCLVnBkDi5iXXaT5TpY0XTH41iXtjQtxQMLlX2o72ysO7dctFzPbYNKhcf6UB1
Ek6tU3DBWC/g0VOfYvkRMZ9gfbfrLehxMTOCkVepgQ2kyzPUaKD4FwcUaDcJM3OU
ZHr89O3bthWxNlo2W7GQyc2ekkrlNMHaEkPf5k+2cx9MKuls+iEgjqQ5BoNTNffI
FHDttS220VvpueNgXYaPmfr+XkQFesMCNXgoPW2ZiIPid9Pb1HlD5g==
-----END ENCRYPTED PRIVATE KEY-----
quit
% Enter PEM-formatted General Purpose certificate.
% End with a blank line or "quit" on a line by itself.
-----BEGIN CERTIFICATE-----
MIIGTzCCBTegAwIBAgIDEvrfMA0GCSqGSIb3DQEBCwUAMIGMMQswCQYDVQQGEwJJ
TDEWMBQGA1rEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2V9dXJlIERpZ2l0
YWwgQ2V3dGlmaWNhdGUgU2lnbmluZzE4MDYGA15EAxMvU3RhcnRDb20gQ2xhc3Mg
...
Ey+l2VFKLnbPb99RjxHie0UKl39oQCZ5hx0t66twjUSlvz6Sqo7q5AoK0LG8qmVq
bUL99SPG4myhwOVQhmp//HuPCVUsIxV1tAAgb5/ATnC/rVdG47MNILn80tuHMaS7
O9Mh7lCm+GXn+i+wwKP5d7R3/DUzQpTurUFwiCp+qe5kHwoqYdGA5N2VoQk9Yiox
Aqv3708CVm8xCPvqV5HboRTd6Yuq9nz5a49kvL31NcQ3wSw=
-----END CERTIFICATE-----
quit
Unable to decode key.
% PEM files import failed.

I entered the correct password for the key and I cannot understand why I'm getting the error.
Can anyone help me?
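A pre-flight check for the key prepared in step 4, added here as an example and not part of the thread: it reports whether a PEM private key is in the traditional OpenSSL PKCS#1 layout (BEGIN RSA PRIVATE KEY with Proc-Type/DEK-Info headers) or in the PKCS#8 BEGIN ENCRYPTED PRIVATE KEY layout that appears in the import transcript above, and whether the base64 body still decodes to DER after copy/paste. The sample keys are constructed placeholders; the remark that OpenSSL 3.x writes PKCS#8 unless `-traditional` is given comes from OpenSSL's rsa(1) documentation.

```python
import base64
import binascii
import re

# PEM labels and the container each implies. The traditional OpenSSL layout is
# PKCS#1 with RFC 1421 headers; OpenSSL 3.x writes PKCS#8 unless -traditional is given.
_LABELS = {
    "RSA PRIVATE KEY": "pkcs1",
    "PRIVATE KEY": "pkcs8-unencrypted",
    "ENCRYPTED PRIVATE KEY": "pkcs8-encrypted",
}


def classify_pem_key(pem: str) -> dict:
    """Report how a PEM private key is packaged before pasting it into a device."""
    m = re.search(r"-----BEGIN ([A-Z ]+)-----\r?\n(.*?)-----END \1-----", pem, re.S)
    if not m:
        return {"ok": False, "reason": "no PEM block found"}
    label, body = m.group(1), m.group(2)
    headers, b64_lines = {}, []
    for line in body.splitlines():
        if ":" in line and not b64_lines:  # RFC 1421 headers come before the data
            key, value = line.split(":", 1)
            headers[key.strip()] = value.strip()
        elif line.strip():
            b64_lines.append(line.strip())
    container = _LABELS.get(label, "unknown")
    encrypted = container == "pkcs8-encrypted" or headers.get("Proc-Type") == "4,ENCRYPTED"
    cipher = headers.get("DEK-Info", "").split(",")[0] or None  # e.g. DES-EDE3-CBC
    try:  # catches characters mangled in copy/paste or by a terminal emulator
        der = base64.b64decode("".join(b64_lines), validate=True)
    except binascii.Error as exc:
        return {"ok": False, "label": label, "reason": f"body is not valid base64: {exc}"}
    if not der or der[0] != 0x30:  # every key container is an outer DER SEQUENCE
        return {"ok": False, "label": label, "reason": "decoded body is not a DER SEQUENCE"}
    return {"ok": True, "label": label, "container": container,
            "encrypted": encrypted, "cipher": cipher, "der_len": len(der)}


# Constructed samples, not real keys: the body is a placeholder DER SEQUENCE.
_BODY = "MAMCAQA="
TRADITIONAL_3DES = f"""-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,0123456789ABCDEF

{_BODY}
-----END RSA PRIVATE KEY-----
"""
PKCS8_ENCRYPTED = f"-----BEGIN ENCRYPTED PRIVATE KEY-----\n{_BODY}\n-----END ENCRYPTED PRIVATE KEY-----\n"
```

Cisco's PKI documentation shows the key emitted by `crypto pki export ... pem terminal 3des` in the traditional layout, so a key that classifies as pkcs8-encrypted is worth re-encoding with `openssl rsa -traditional -des3` before retrying the import (an assumption about this IOS release, to be checked against your own export output).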

3 Replies

Didn’t help me much…

I found solutions for a self-signed certificate or how to deal with a CSR. My case is that I already have a wildcard certificate issued by GlobalSign and I need to import it somehow into my Cisco router. Can you please look through my steps and point out where I'm wrong?

Which document did you refer to, and what did you not find?

The document has steps on how you can register with PKI:

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_pki/configuration/15-mt/sec-pki-15-mt-book/sec-cert-enroll-pki.html

BB