Using external ssl certificate

There is an issue when trying to use external certificate.
When using katello-cert-check command ,

[root@satellite-server SSL-CERT]# katello-certs-check -c fullchain.crt -k privatekey -b CSR
Checking server certificate encoding:

unable to load certificate
140677509474112:error:0909006C:PEM routines:get_name:no start line:crypto/pem/pem_lib.c:745:Expecting: TRUSTED CERTIFICATE
date: invalid date ‘+%Y%m%d%H%M%S’
Checking expiration of certificate:

Checking expiration of CA bundle:

The CA bundle "/root/SSL-CERT/CSR" has already expired on:
Checking if server certificate has CA:TRUE flag

Checking for private key passphrase:

Checking to see if the private key matches the certificate:

Checking CA bundle against the certificate file:

The /root/SSL-CERT/CSR does not verify the /root/SSL-CERT/fullchain.crt
Error loading file /root/SSL-CERT/CSR

Checking CA bundle size: 1

Checking Subject Alt Name on certificate

Checking if any Subject Alt Name on certificate matches the Subject CN

Checking Key Usage extension on certificate for Key Encipherment

Checking for use of shortname as CN

Expected outcome:
Use external SSL Certificate in the server.
Foreman and Proxy versions:
Foreman 3.5 and Katello 4.7
Distribution and version:
Rocky Linux release 8.7 (Green Obsidian)
Other relevant data:
When running foreman-installer command:

[root@satellite-server SSL-CERT]# foreman-installer --scenario katello --certs-server-cert "fullchain.crt" --certs-server-key "privatekey" --certs-server-ca-cert "CSR" --certs-update-server --
2023-03-30 01:52:44 [NOTICE] [root] Loading installer configuration. This will take some time.
2023-03-30 01:52:47 [NOTICE] [root] Running installer with log based terminal output at level NOTICE.
2023-03-30 01:52:47 [NOTICE] [root] Use -l to set the terminal output log level to ERROR, WARN, NOTICE, INFO, or DEBUG. See --full-help for definitions.
2023-03-30 01:52:49 [ERROR ] [root] Parameter certs-server-cert invalid: fullchain.crt is not one of regexes matching /\A(([a-zA-Z]:[\\\/])|([\\\/][\\\/][^\\\/]+[\\\/][^\\\/]+)|([\\\/][\\\/]\?
[\\\/][^\\\/]+)).*\z/ or regexes matching /\A\/([^\n\/\0]+\/*)*\z/
2023-03-30 01:52:49 [ERROR ] [root] Parameter certs-server-key invalid: privatekey is not one of regexes matching /\A(([a-zA-Z]:[\\\/])|([\\\/][\\\/][^\\\/]+[\\\/][^\\\/]+)|([\\\/][\\\/]\?[\\\
/][^\\\/]+)).*\z/ or regexes matching /\A\/([^\n\/\0]+\/*)*\z/
2023-03-30 01:52:49 [ERROR ] [root] Parameter certs-server-ca-cert invalid: CSR is not one of regexes matching /\A(([a-zA-Z]:[\\\/])|([\\\/][\\\/][^\\\/]+[\\\/][^\\\/]+)|([\\\/][\\\/]\?[\\\/][
^\\\/]+)).*\z/ or regexes matching /\A\/([^\n\/\0]+\/*)*\z/
Error during configuration, exiting

The same issue comes when trying to use external certificate while fresh install and post-install of foreman.

Check the usage of katello-certs-check:

# katello-certs-check 
One of the required parameters is missing.
Verifies, that custom SSL certificate files are usable
as part of the Katello installation. When passing filenames use absolute paths.

usage: /sbin/katello-certs-check -t [foreman|foreman-proxy] -c CERT_FILE -k KEY_FILE -b CA_BUNDLE_FILE

CERT_FILE is the certificate in PEM format.
KEY_FILE is the private key in PEM format.
CA_BUNDLE_FILE is the full CA chain for the certificate including the root CA.

Without knowing the content of your files fullchain.crt sounds a lot like it is not only the certificate but includes the chain, CSR sounds more like a certificate signing request than a ca chain.