diff --git a/docker/haproxy/haproxy-behind.conf b/docker/haproxy/haproxy-behind.conf
index 89487ae..b25d64e 100644
--- a/docker/haproxy/haproxy-behind.conf
+++ b/docker/haproxy/haproxy-behind.conf
@@ -93,7 +93,7 @@ backend be_sso
   acl existing-x-forwarded-proto req.hdr(X-Forwarded-Proto) -m found
   http-request add-header X-Forwarded-Host %[req.hdr(Host)] unless existing-x-forwarded-host
   http-request add-header X-Forwarded-Proto https unless existing-x-forwarded-proto
-  http-response replace-value Set-Cookie (KEYCLOAK_LOCALE=[^;]*);(.*) \1;domain=digitaldemocratic.net;\2
+  http-response replace-value Set-Cookie (KEYCLOAK_LOCALE=[^;]*);(.*) \1;domain="${DOMAIN}";\2
 	server keycloak isard-sso-keycloak:8080 check port 8080 inter 5s rise 2 fall 10 resolvers mydns init-addr none
 
 backend be_admin
diff --git a/docker/haproxy/haproxy.conf b/docker/haproxy/haproxy.conf
index 2c5f884..57ab31b 100644
--- a/docker/haproxy/haproxy.conf
+++ b/docker/haproxy/haproxy.conf
@@ -100,7 +100,7 @@ backend be_sso
   acl existing-x-forwarded-proto req.hdr(X-Forwarded-Proto) -m found
   http-request add-header X-Forwarded-Host %[req.hdr(Host)] unless existing-x-forwarded-host
   http-request add-header X-Forwarded-Proto https unless existing-x-forwarded-proto
-  http-response replace-value Set-Cookie (KEYCLOAK_LOCALE=[^;]*);(.*) \1;domain=digitaldemocratic.net;\2
+  http-response replace-value Set-Cookie (KEYCLOAK_LOCALE=[^;]*);(.*) \1;domain="${DOMAIN}";\2
 	server keycloak isard-sso-keycloak:8080 check port 8080 inter 5s rise 2 fall 10 resolvers mydns init-addr none
 
 backend be_admin