drag&drop DER-file over the der_certificate_converter_for_use_as__trusted_ca__for_rooted_android.cmd batch,
it will generate a file ready to be moved to /system/etc/security/cacerts/ .
more information (notes and comments) in:
der_certificate_converter_for_use_as__trusted_ca__for_rooted_android.cmd.
Download the whole thing: https://github.com/eladkarako/der_certificate_converter_for_use_as__trusted_ca__for_rooted_android/archive/master.zip.
All included (binaries and all), there are no dependencies (should work on any x86/x64 Windows PC, everything is portable too).
uses OpenSSL v1.1.1h Light (Win32 x86 version)
and few windows-capable "linux" exe files from http://gnuwin32.sourceforge.net/packages/coreutils.htm
both openssl and gnuwin32 have their own licenses...