Can I use Endpoint Policy Manager Cloud to deliver certificates ?

It is possible to configure Security Settings > Public Key Policies as shown in this example, by following thse steps:

Step 1 – Create a real GPO.

Step 2 – Export it using PP Settings Manager to an XML. See the Endpoint Policy ManagerCloud: How to deploy Microsoft Group Policy Settings using Endpoint Policy Manager Cloud topic for additional information.

Step 3 – Uplaod it to Endpoint Policy Manager Cloud. This would make the specified cert Trusted Root CA on the target machines.

NOTE: It is not possible to deploy (example), a .PFX file, which is basically a cert + private key. This is also not possible with Group Policy itself.

In summary, anything that's in GP Security Settings > Public Key Policies is also possible once you export, then deploy using PPCloud or Netwrix Endpoint Policy Manager (formerly PolicyPak) MDM.

Inside the exported XML you can see the certificate embedded like this and ready for use.