Title says it all.
URLs with a dot at the start of the path such as .well-known return 503 when being accessed via WAP, but work when accessed directly.
The same issue has been discussed here and is STILL broken in Server 2016 with the latest updates.
https://social.technet.microsoft.com/Forums/windows/en-US/0fbc56d9-1041-464e-b519-d351b72827c7/web-application-proxy-2016-blocks-access-to-wellknown?forum=ADFS
