diff --git a/scripts/_common.sh b/scripts/_common.sh
index d96fb6a..df044ce 100644
--- a/scripts/_common.sh
+++ b/scripts/_common.sh
@@ -3,9 +3,13 @@
 # - plaintext http is only allowed to localhost (to avoid leaking credentials on the network)
 # - http(s) destination is webroot, no additional component allowed (eg. http://localhost:1234/test is invalid)
 rp_validate_proxy_path() {
- if [[ ! $proxy_path =~ '^unix:/' ]]; then
+ if [[ "$proxy_path" == unix:/* ]]; then
+ # Final nginx config is http://unix:/path/to.socket
+ proxy_path="http://$proxy_path"
+ elif [[ ! "$proxy_path" == http://unix:/* ]]; then
+ # Not unix domain socket... check URL is localhost
 url_regex='^(http://(127\.[0-9]+\.[0-9]+\.[0-9]+|localhost)|https://.*)(:[0-9]+)?(/.*)?$'
- [[ ! $proxy_path =~ $url_regex ]] && ynh_die \
+ [[ ! "$proxy_path" =~ $url_regex ]] && ynh_die \
 "For secure reason, you can't use an unencrypted http remote destination couple with ssowat for your reverse proxy: $proxy_path" 1
 fi