diff --git a/internal/openvpn/extract/pem.go b/internal/openvpn/extract/pem.go
index f7669928..c89bf522 100644
--- a/internal/openvpn/extract/pem.go
+++ b/internal/openvpn/extract/pem.go
@@ -1,33 +1,23 @@
 package extract
 
 import (
+	"encoding/base64"
 	"encoding/pem"
 	"errors"
-	"regexp"
-	"strings"
+	"fmt"
 )
 
 var (
 	errPEMDecode = errors.New("cannot decode PEM encoded block")
 )
 
-var (
-	regexPEMBegin = regexp.MustCompile(`-----BEGIN [A-Za-z ]+-----`)
-	regexPEMEnd   = regexp.MustCompile(`-----END [A-Za-z ]+-----`)
-)
-
 func PEM(b []byte) (encodedData string, err error) {
 	pemBlock, _ := pem.Decode(b)
 	if pemBlock == nil {
-		return "", errPEMDecode
+		return "", fmt.Errorf("%w", errPEMDecode)
 	}
 
-	encodedBytes := pem.EncodeToMemory(pemBlock)
-	encodedData = string(encodedBytes)
-	encodedData = strings.ReplaceAll(encodedData, "\n", "")
-	beginPrefix := regexPEMBegin.FindString(encodedData)
-	encodedData = strings.TrimPrefix(encodedData, beginPrefix)
-	endPrefix := regexPEMEnd.FindString(encodedData)
-	encodedData = strings.TrimSuffix(encodedData, endPrefix)
+	der := pemBlock.Bytes
+	encodedData = base64.StdEncoding.EncodeToString(der)
 	return encodedData, nil
 }
diff --git a/internal/openvpn/extract/pem_test.go b/internal/openvpn/extract/pem_test.go
index 345276fa..77a2a037 100644
--- a/internal/openvpn/extract/pem_test.go
+++ b/internal/openvpn/extract/pem_test.go
@@ -1,6 +1,7 @@
 package extract
 
 import (
+	"bytes"
 	"testing"
 
 	"github.com/stretchr/testify/assert"
@@ -24,6 +25,14 @@ func Test_PEM(t *testing.T) {
 			errWrapped: errPEMDecode,
 			errMessage: "cannot decode PEM encoded block",
 		},
+		"valid data with extras": {
+			b: bytes.Join([][]byte{
+				{1, 2, 3},
+				[]byte(validCertPEM),
+				{4, 5, 6},
+			}, []byte("\n")),
+			encodedData: validCertData,
+		},
 		"valid data": {
 			b:           []byte(validCertPEM),
 			encodedData: validCertData,