@dandpg
Forked from paxswill/pfsense_cert_to_keystore.sh
Last active November 20, 2018 22:47
I modified the script to generate only a .pem file, so that a Let's Encrypt certificate can be used for an encrypted browser–Squid connection.
#!/bin/sh
#
# Extract one certificate and its private key from the pfSense
# configuration file and write them to stdout as a combined PEM.
#
# Usage: <script> certificate_name
#
# The output contains private key material. Redirect it to a file created
# under a restrictive umask (for example `umask 077`) and keep it out of
# logs and shared terminals.
set -eu

# pfSense configuration file that holds the base64-encoded cert/key pairs.
PFSENSE_CONF='/cf/conf/config.xml'

# Absolute tool paths, so the lookup does not depend on the caller's PATH.
XMLLINT='/usr/local/bin/xmllint'

# Command plus arguments; expanded unquoted on purpose where it is used.
# NOTE(review): relies on a python2 interpreter at this path; confirm it
# still exists on the target system.
BASE64_DECODE='/usr/local/bin/python2 -m base64 -d'

# NOTE(review): OPENSSL and KEYTOOL are not referenced by any function
# visible in this listing; presumably left over from the keystore-building
# script this one was forked from.
OPENSSL='/usr/bin/openssl'
KEYTOOL='/usr/local/bin/keytool'
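#######################################
# Print the decoded private key of the pfSense certificate whose <descr>
# equals the given name.
# Globals:   XMLLINT, PFSENSE_CONF, BASE64_DECODE (read)
# Arguments: $1 - certificate description as stored in the pfSense config
# Outputs:   decoded key on stdout (sensitive); diagnostics on stderr
# Returns:   0 on success; non-zero if the name is rejected, the lookup
#            fails, or the decode fails or produces nothing
#######################################
extract_private_key() {
  local raw xpath decoded

  # The name is spliced into a single-quoted XPath string literal, and
  # XPath 1.0 has no escape for the quote character. A name containing one
  # would change the expression instead of being matched literally, so
  # refuse it rather than query with an altered selector.
  case "$1" in
    *"'"*)
      printf '%s\n' \
        "extract_private_key: certificate name must not contain a single quote" >&2
      return 1
      ;;
  esac

  xpath="/pfsense/cert[descr[normalize-space(.) = '$1']]/prv/text()"
  raw=$("$XMLLINT" --xpath "$xpath" "$PFSENSE_CONF") || return

  # Decode into a variable before printing: a command substitution used as
  # a printf argument hides the decoder's exit status, so a failed decode
  # would otherwise be reported as success with empty output.
  # BASE64_DECODE is left unquoted because it holds a command plus arguments.
  decoded=$(printf '%s\n' "$raw" | $BASE64_DECODE) || return
  if [ -z "$decoded" ]; then
    printf '%s\n' "extract_private_key: decoded private key is empty" >&2
    return 1
  fi

  printf '%s\n' "$decoded"
}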
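#######################################
# Print the decoded certificate of the pfSense certificate entry whose
# <descr> equals the given name.
# Globals:   XMLLINT, PFSENSE_CONF, BASE64_DECODE (read)
# Arguments: $1 - certificate description as stored in the pfSense config
# Outputs:   decoded certificate on stdout; diagnostics on stderr
# Returns:   0 on success; non-zero if the name is rejected, the lookup
#            fails, or the decode fails or produces nothing
#######################################
extract_certificate() {
  local raw xpath decoded

  # The name is spliced into a single-quoted XPath string literal, and
  # XPath 1.0 has no escape for the quote character. A name containing one
  # would change the expression instead of being matched literally, so
  # refuse it rather than query with an altered selector.
  case "$1" in
    *"'"*)
      printf '%s\n' \
        "extract_certificate: certificate name must not contain a single quote" >&2
      return 1
      ;;
  esac

  xpath="/pfsense/cert[descr[normalize-space(.) = '$1']]/crt/text()"
  raw=$("$XMLLINT" --xpath "$xpath" "$PFSENSE_CONF") || return

  # Decode into a variable before printing: a command substitution used as
  # a printf argument hides the decoder's exit status, so a failed decode
  # would otherwise be reported as success with empty output.
  # BASE64_DECODE is left unquoted because it holds a command plus arguments.
  decoded=$(printf '%s\n' "$raw" | $BASE64_DECODE) || return
  if [ -z "$decoded" ]; then
    printf '%s\n' "extract_certificate: decoded certificate is empty" >&2
    return 1
  fi

  printf '%s\n' "$decoded"
}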
#######################################
# Emit the private key followed by the certificate for one pfSense
# certificate entry, each terminated by a newline.
# Arguments: $1 - certificate description passed on to both extractors
# Outputs:   key, then certificate, on stdout. The key is sensitive, so
#            the caller decides where this stream ends up.
#######################################
combine_pem() {
  local key_pem cert_pem

  # Both parts are collected before anything is printed.
  key_pem=$(extract_private_key "$1")
  cert_pem=$(extract_certificate "$1")

  printf '%s\n%s\n' "$key_pem" "$cert_pem"
}
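#######################################
# Entry point: validate the argument count, then print the combined
# key+certificate PEM for the named pfSense certificate.
# Arguments: $1 - certificate description as stored in the pfSense config
# Outputs:   PEM data on stdout (contains the private key); usage and
#            status messages on stderr
# Returns:   exits 1 when the argument count is not exactly one
#######################################
main() {
  local pfsense_cert_name

  if [ "$#" -ne 1 ]; then
    # Usage errors are diagnostics, so they go to stderr.
    printf "Not enough arguments.\nUsage:\n\t%s\n" \
      "$0 certificate_name" >&2
    exit 1
  fi
  pfsense_cert_name="$1"

  # Status goes to stderr so that stdout carries only the PEM data and can
  # be redirected straight into a .pem file.
  echo "Extracting cert+key form pfSense" >&2
  combine_pem "$pfsense_cert_name"
}

# "$@" is quoted so a certificate name containing spaces reaches main as a
# single argument instead of being split and rejected by the count check.
main "$@"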