I create two files, my.cer and my.pem ( include certificate and private key), I encrypt a file with my.cer, I use openssl smime -encrypt command. When decrypting data, it needs my.pem.
I think 3DES is symmetric cryptography so it should just need my.cer. Please explain.
Yes, 3DES is a symmetric cipher and you use a secret key for both encryption and decryption with it. However, that is not the same thing as the keys used in RSA or other public key cryptography – you cannot (and should not) use either of them for 3DES.
Since you are using S/MIME, you are actually using public key encryption. Any reference to 3DES is about the symmetric part of a hybric cryptosystem. That is, you use the public key encrypt/generate a secret key that encrypts the actual message. So you need the private key to decrypt it.