I have followed this tutorial:
http://technet.microsoft.com/en-us/library/fp161236(v=office.15).aspx
The SharePoint 2013 server is behind a Forefront TMG 2010 firewall. I have configured a SharePoint site publishing rule to allow access to the main SharePoint site collection athttps://sp13.mydomain.com using a wildcard certificate for *.mydomain.com.
This is working properly. I also need to allow *.mydomainapps.com through the firewall. I have configured wildcard dns for *.mydomainapps.com and I also have a wildcard certificate for *.mydomainapps.com.
I am not sure how to configure a site publishing rule to allow *.mydomainapps.com to go to port 443 on the internal SharePoint site from the external interface. Is there a best practices TechNet article describing Forefront TMG 2010 setup for a SharePoint 2013 server environment configured for Apps? Also, where do I install the wildcard certificate for *.mydomainapps.com on the SharePoint server? Do I need to assign bindings for an iis site?