Hi , To answer your question
You can configure Key Vault firewalls and virtual networks to deny access to traffic from all networks (including internet traffic) by default. You can grant access to traffic from specific Azure virtual networks and public internet IP address ranges, allowing you to build a secure network boundary for your applications.
So you can allow inbound/output rules for http/https in NSG and then it should work
Please check MS doc for ref https://learn.microsoft.com/en-us/azure/key-vault/general/overview-vnet-service-endpoints
And still if issue occurs , please share the error in detail
Thanks , kindly accept answer if it has helped