Question regarding the Platform Key (PK) certificate on some servers in our environment.  When running the command to see if the Platform Key (PK) is good, some servers report the following,

PS C:\> certutil -dump PK.der
 00                                                 .
 CertUtil: -dump command completed successfully.
PS C:\>$bytes.Length
 45

Does this certificate also need to be installed or corrected for updates to occur in the database for the 2023CA and KEK certificates?  If so, the current fix is very manual w/ requiring us to attach a drive (using VMWare) to the server, placing the PK onto the drive, shutting it down, booting to BIOS, installing the PK certificate, then removing the drive and booting the server back up. 

Again, more manual steps and more downtime for our servers.