I had been attempting to connect my on system code to work on cloud. For this the device (Raspberry pi) needs to have public encryption method to be able to understand the instructions that are triggered from cloud. For this I need to have a ssl certificate that can be used in an ARM microcontroller. I had already scraped datasheet to see a possibility of it but no success.
Precisely I am attempting to blink a led through command fired from GCP cloud function.
Whatever micro-controller you want to use, what you need is a software library supporting public key encryption/decryption and may be the TLS protocol, ideally in its 1.3 version, depending on how you will be communicating with the cloud infrastructure you are using. Examples of such libraries are openssl and mbedtls, the latter being more suited for use on micro-controllers. In your specific case, you should download the latest SDK version 1.5.0 for the raspberrypi pico, since it contains a port of mbedtls, and start looking at the code examples as well as to the mbedtls documentation.
You will then need to create or get an X.509 certificate that will be accepted by the server you want to connect to, and embbed it into your code so that mbedtls will be able to use it. I would suggest to refer to the google cloud documentation for the X.509 certificate provisioning part since your certificate may have to be signed by a Certificate Authority the Google cloud infrastructure is trusting.
You can google 'How to Build an SSL/TLS Certificate' for articles describing how to create X.509 certificates, and even try creating one by yourself for learning purpose, this will probably help refining your requirements.