HOTSPOT
You have a server named Server1 that runs Windows Server 2016. Server1 has the Web Application Proxy
role service installed.
You are publishing an application named App1 that will use Integrated Windows authentication as shown in the
following graphic.
Use the drop-down menus to select the answer area choice that completes each statement based on the
information presented in the graphic.
Hot Area:
Answer: 
Answer 1:
The external certificate is for server02.contoso.com, which is identical to the URL, so we can assume that is correct or we’d have to change a lot more.
Redirection isn’t needed since the external URL is already HTTPS.
So we configure the SPN, something akin to “HTTPS/server02.contoso.com”
Answer 2:
To quote Microsoft: “Web Application Proxy can translate host names in URLs, but cannot translate path names. Therefore, you can enter different host names, but you must enter the same path name. For example, you can enter an external URL of https://apps.contoso.com/app1/ and a backend server URL of http://app-server/app1/. However, you cannot enter an external URL of https://apps.contoso.com/app1/ and a backend server URL of https://apps.contoso.com/internal-app1/.”
In other words, if we use “*/publish/app1” as a backend, we need the same as the external URL.
9
0