diff --git a/manifests/haproxy.pp b/manifests/haproxy.pp
index b33ec67d5..78592310e 100644
--- a/manifests/haproxy.pp
+++ b/manifests/haproxy.pp
@@ -1302,7 +1302,7 @@ class tripleo::haproxy (
   }
   if $service_certificate {
     $heat_ssl_options = {
-      'rsprep' => "^Location:\\ http://${public_virtual_ip}(.*) Location:\\ https://${public_virtual_ip}\\1",
+      'http-response' => "replace-header Location http://${public_virtual_ip}(.*) https://${public_virtual_ip}\\1",
     }
     $heat_listen_options = merge($default_listen_options, $heat_ssl_options, $heat_timeout_options)
     $heat_frontend_options = merge($default_frontend_options, $heat_ssl_options, $heat_timeout_options)
diff --git a/manifests/haproxy/endpoint.pp b/manifests/haproxy/endpoint.pp
index 68790b6e6..c82d84d5e 100644
--- a/manifests/haproxy/endpoint.pp
+++ b/manifests/haproxy/endpoint.pp
@@ -190,9 +190,9 @@ define tripleo::haproxy::endpoint (
     if $public_certificate {
       if $mode == 'http' {
         $tls_listen_options = {
-          'rsprep'       => '^Location:\ http://(.*) Location:\ https://\1',
-          'redirect'     => "scheme https code 301 if { hdr(host) -i ${public_virtual_ip} } !{ ssl_fc }",
-          'option'       => 'forwardfor',
+          'http-response' => 'replace-header Location http://(.*) https://\\1',
+          'redirect'      => "scheme https code 301 if { hdr(host) -i ${public_virtual_ip} } !{ ssl_fc }",
+          'option'        => 'forwardfor',
         }
         $listen_options_precookie = merge($tls_listen_options, $listen_options, $custom_options)
         $frontend_options_precookie = merge($tls_listen_options, $frontend_options, $custom_frontend_options)
diff --git a/manifests/haproxy/horizon_endpoint.pp b/manifests/haproxy/horizon_endpoint.pp
index 43f2acf34..eba664855 100644
--- a/manifests/haproxy/horizon_endpoint.pp
+++ b/manifests/haproxy/horizon_endpoint.pp
@@ -129,11 +129,11 @@ class tripleo::haproxy::horizon_endpoint (
       "${public_virtual_ip}:443" => union($haproxy_listen_bind_param, ['ssl', 'crt', $public_certificate], $custom_bind_options_public),
     }
     $horizon_frontend_options = {
-      'rsprep'       => '^Location:\ http://(.*) Location:\ https://\1',
+      'http-response' => 'replace-header Location http://(.*) https://\\1',
       # NOTE(jaosorior): We always redirect to https for the public_virtual_ip.
-      'redirect'     => 'scheme https code 301 if !{ ssl_fc }',
-      'option'       => [ 'forwardfor' ],
-      'http-request' => [
+      'redirect'      => 'scheme https code 301 if !{ ssl_fc }',
+      'option'        => [ 'forwardfor' ],
+      'http-request'  => [
           'set-header X-Forwarded-Proto https if { ssl_fc }',
           'set-header X-Forwarded-Proto http if !{ ssl_fc }'],
     }