diff --git a/site/profile/manifests/freeipa.pp b/site/profile/manifests/freeipa.pp
index da56f7350..0df0cf325 100644
--- a/site/profile/manifests/freeipa.pp
+++ b/site/profile/manifests/freeipa.pp
@@ -203,6 +203,7 @@
     mode   => '0755',
   }
 
+  $proxy_domain = lookup('profile::reverse_proxy::domain_name')
   $ipa_domain = lookup('profile::freeipa::base::ipa_domain')
 
   package { 'ipa-server-dns':
@@ -392,9 +393,9 @@
     content => epp(
       'profile/freeipa/ipa-rewrite.conf',
       {
-        'referee'     => $fqdn,
-        'referer'     => "ipa.${ipa_domain}",
-        'referer_int' => "ipa.${ipa_domain}",
+        'referee'           => $fqdn,
+        'external_hostname' => "ipa.${proxy_domain}",
+        'internal_hosntmae' => "ipa.${ipa_domain}",
       }
     ),
     notify  => Service['httpd'],
diff --git a/site/profile/templates/freeipa/ipa-rewrite.conf.epp b/site/profile/templates/freeipa/ipa-rewrite.conf.epp
index 31f6fbcac..1c302de8a 100644
--- a/site/profile/templates/freeipa/ipa-rewrite.conf.epp
+++ b/site/profile/templates/freeipa/ipa-rewrite.conf.epp
@@ -9,5 +9,5 @@ RewriteRule ^/$ /ipa/ui [L,NC,R=301]
 # Rewrite for plugin index, make it like it's a static file
 RewriteRule ^/ipa/ui/js/freeipa/plugins.js$    /ipa/wsgi/plugins.py [PT]
 
-RequestHeader edit Referer ^https://<%= regsubst("${referer}", '\.', '\.', 'G') %> https://<%= $referee %>
-RequestHeader edit Referer ^https://<%= regsubst("${referer_int}", '\.', '\.', 'G') %> https://<%= $referee %>
+RequestHeader edit Referer ^https://<%= regsubst("${external_hostname}", '\.', '\.', 'G') %> https://<%= $referee %>
+RequestHeader edit Referer ^https://<%= regsubst("${internal_hostname}", '\.', '\.', 'G') %> https://<%= $referee %>