Whether the TLS cert/key already have been base64 encoded?

I am watching a tutorial of K8s Ingress:

when there config Ingress TLS, you see the:

  tls.crt: base64 encoded cert
  tls.key: base64 encoded key

I want to know whether should base64 encode the cert/key content ? or the cert/key content already have been base64 encoded?

Some more details here for TLS secrets. But the answer I think you’re looking for from that is this assuming you create the key using kubectl

kubectl create secret tls my-tls-secret \
  --cert=path/to/cert/file \

The public/private key pair must exist beforehand. The public key certificate for --cert must be .PEM encoded (Base64-encoded DER format), and match the given private key for --key . The private key must be in what is commonly called PEM private key format, unencrypted. In both cases, the initial and the last lines from PEM (for example, --------BEGIN CERTIFICATE----- and -------END CERTIFICATE---- for a certificate) are not included.