HTTPS between two port forwarded domains in Azure, problematic?

I'm not too comfortable with these things, but quite possibly what I'm asking is trivial.

I have a site hosted at foo.azurewebsites.net

And also an API at bar.azurewebsites.net (WEB API as an API app)

I then forwarded oof.mysite.com to foo.azurewebsites.net

This all worked nicely.

Next, I configured oof.mysite.com to use HTTPS through a certificate valid for *.mysite.com. Now, however, the communication to the API stopped working. Not too surprising perhaps, seeing how it was HTTPS to HTTP communication.

So naturally, I want to use the *.mysite.com certificate for the API too. So now I'm (well, my colleague) trying to forward rab.mysite.com to bar.azurewebsites.net but I can't see to get this IP forwarding to work in the Azure portal (the DNS propagation has already happened.)

I guess I'm asking two things:

1) Does IP forwarding to Azure API apps work differently from doing so to web apps?

2) Is there something inherently wrong in the general architecture of things?