Using PowerShell to automate remote login using TLS certs with AWS Managed AD CS

James Shaw 11 Reputation points
2022-12-05T13:36:37.253+00:00

So I am trying to achieve remote logins via PowerShell using certs from an AWS Managed AD Certificate Service, but I am struggling with where to go or how to achieve this.

I will be remote logging from my own work laptop into domain-joined servers. I have the certificate service/authority set up, but I am not sure where to go next from here and am wondering if anyone could help with a few pointers. I am new to this and tried going through their docs, but they seem overly complicated.

Would I need to somehow store the cert/s used for remote logging on my own machine? Or will storing them on the servers I want to remote login to work?

  • Is it even possible to request a cert from AD remotely to be used for remote logging in?
  • Is there anything else I possibly need to think about around this?

Any advice or pointers would be much appreciated.

I have tried doing this locally, with a server not on the domain, and can do it this way, although I need to generate the cert on the server itself first and then use its thumbprint to connect.

I have also set up the certificate services for Managed AD but am stuck on where to go next.

Windows for business | Windows Server | User experience | PowerShell
Windows for business | Windows Server | User experience | Other