The steps that helped me to solve this problem

1. Go to azure key vault service and select the key vault
2. In my case access policies for the key vault was showing
"Access policies not available. The access configuration for this key vault is set to role-based access control. To add or manage your access policies, go to the Access control (IAM) page.", so go to the Access control (IAM)
3. Select "add role assignment"
4. From 'Role' tab select "Key Vault Certificate User"
5. From "Members" tab select "Assign access to User, group, or service principal"
6. Click on + Select members and in the right search menu you will see users list, past in that menu -> "Microsoft.AzureFrontDoor-Cdn", the item will appear , select that and go to next and save
7. Then go back to azure cdn and continue