You Do have to put some content in your certificate ( like a key - I found issues as I hardened the security baseline (requiring more than SHA 1)
However you make a certificate in the EFS REKEY Wizard, search manage file encryption in the start menu > open EFS follow the prompts. image_2023-11-30_055413444.png . But the defaults are keys that can not meet HARDENED baselines - I have now decided to use yubikey x 2 as they're capable of smart card, multiple device, boot, OS and Online account passwordless managment.
Hope this helped