diff --git a/atst/app.py b/atst/app.py
index 31eb6f85..3ac05780 100644
--- a/atst/app.py
+++ b/atst/app.py
@@ -193,7 +193,7 @@ def make_config(direct_config=None):
     )
     OVERRIDE_CONFIG_FILENAME = os.getenv("OVERRIDE_CONFIG_FULLPATH")
 
-    config = ConfigParser()
+    config = ConfigParser(allow_no_value=True)
     config.optionxform = str
 
     config_files = [BASE_CONFIG_FILENAME, ENV_CONFIG_FILENAME]
diff --git a/config/base.ini b/config/base.ini
index c034cc7a..40bf1c14 100644
--- a/config/base.ini
+++ b/config/base.ini
@@ -25,6 +25,7 @@ REDIS_URI = redis://localhost:6379
 RQ_QUEUES = atat_%(ENVIRONMENT)s
 SECRET = change_me_into_something_secret
 SECRET_KEY = change_me_into_something_secret
+SERVER_NAME
 SESSION_COOKIE_NAME=atat
 SESSION_TYPE = redis
 SESSION_USE_SIGNER = True
diff --git a/deploy/aws/atst-worker-envvars-configmap.yml b/deploy/aws/atst-worker-envvars-configmap.yml
index c1f8edde..bcd4334d 100644
--- a/deploy/aws/atst-worker-envvars-configmap.yml
+++ b/deploy/aws/atst-worker-envvars-configmap.yml
@@ -7,4 +7,4 @@ metadata:
 data:
   TZ: UTC
   DISABLE_CRL_CHECK: "True"
-  CRL_STORAGE_PROVIDER: CLOUDFILES
+  SERVER_NAME: aws.atat.code.mil
diff --git a/deploy/azure/atst-worker-envvars-configmap.yml b/deploy/azure/atst-worker-envvars-configmap.yml
index c1f8edde..c5f2ffc7 100644
--- a/deploy/azure/atst-worker-envvars-configmap.yml
+++ b/deploy/azure/atst-worker-envvars-configmap.yml
@@ -7,4 +7,4 @@ metadata:
 data:
   TZ: UTC
   DISABLE_CRL_CHECK: "True"
-  CRL_STORAGE_PROVIDER: CLOUDFILES
+  SERVER_NAME: azure.atat.code.mil
diff --git a/tests/test_auth.py b/tests/test_auth.py
index cec65246..903cb23d 100644
--- a/tests/test_auth.py
+++ b/tests/test_auth.py
@@ -89,16 +89,17 @@ def protected_routes(app):
 
 
 def test_protected_routes_redirect_to_login(client, app):
+    server_name = app.config.get("SERVER_NAME") or "localhost"
     for rule, protected_route in protected_routes(app):
         if "GET" in rule.methods:
             resp = client.get(protected_route)
             assert resp.status_code == 302
-            assert "http://localhost/" in resp.headers["Location"]
+            assert server_name in resp.headers["Location"]
 
         if "POST" in rule.methods:
             resp = client.post(protected_route)
             assert resp.status_code == 302
-            assert "http://localhost/" in resp.headers["Location"]
+            assert server_name in resp.headers["Location"]
 
 
 def test_get_protected_route_encodes_redirect(client):