I'm glad that you were able to resolve your issue and thank you for posting your solution so that others experiencing the same thing can easily reference this!
Since the Microsoft Q&A community has a policy that "The question author cannot accept their own answer. They can only accept answers by others (Opens in new window or tab)", I'll repost your solution in case you'd like to "Accept (Opens in new window or tab)" the answer.
Issue: Unable to choose wildcard Azure app certificate from KeyVault as a certificate as it is saved as a secret.
Solution: Instead of choosing it from KeyVault, OP moved App Service Certificate from a seperate resource group to production resource group.
If you have any other questions or are still running into more issues, please let me know.
Thank you again for your time and patience throughout this issue.
Please remember to "Accept Answer", so that others in the community facing similar issues can easily find the solution.
Thanks,
Akshay Kaushik