I set-up a small local project consisting of Gatekeeper, Keycloak, and a “Hello World” Java web application.

1. I instructed Gatekeeper to secure - uri: /UnsecureApplication/*.
2. I navigated to https://gatekeeper.com:3000/UnsecureApplication (missing trailing slash).
3. The web application responded with HTTP 301 to https://unsecure-application.com:8181/UnsecureApplication/ (with trailing slash).

Now, in my case for this local example I can reach unsecure-application.com, but in a real implementation this would only be reachable on the private network.

How can I instruct Gatekeeper to rewrite the HTTP 301 response location header to from unsecure-application.com to gatekeeper.com? If this the best solution?

When it comes to proxies and networks I am a beginner, so my apologies if this is off base.

That is not right task for Gatekeeper. Your app should be aware that is behind reverse proxy and app should use proper host from request header (e.g. from X-Forwarded-Host) instead of current Host header.