diff --git a/src/Aspire.Hosting.Keycloak/KeycloakResourceBuilderExtensions.cs b/src/Aspire.Hosting.Keycloak/KeycloakResourceBuilderExtensions.cs
index 773b514e06..185be32d16 100644
--- a/src/Aspire.Hosting.Keycloak/KeycloakResourceBuilderExtensions.cs
+++ b/src/Aspire.Hosting.Keycloak/KeycloakResourceBuilderExtensions.cs
@@ -14,6 +14,9 @@ public static class KeycloakResourceBuilderExtensions
     private const string AdminEnvVarName = "KC_BOOTSTRAP_ADMIN_USERNAME";
     private const string AdminPasswordEnvVarName = "KC_BOOTSTRAP_ADMIN_PASSWORD";
     private const string HealthCheckEnvVarName = "KC_HEALTH_ENABLED"; // As per https://www.keycloak.org/observability/health
+    private const string HttpEnabledEnvVarName = "KC_HTTP_ENABLED";
+    private const string ProxyHeadersEnvVarName = "KC_PROXY_HEADERS";
+    private const string HostNameStrictEnvVarName = "KC_HOSTNAME_STRICT";
 
     private const int DefaultContainerPort = 8080;
     private const int ManagementInterfaceContainerPort = 9000; // As per https://www.keycloak.org/server/management-interface
@@ -69,6 +72,9 @@ public static IResourceBuilder<KeycloakResource> AddKeycloak(
                 context.EnvironmentVariables[AdminEnvVarName] = resource.AdminReference;
                 context.EnvironmentVariables[AdminPasswordEnvVarName] = resource.AdminPasswordParameter;
                 context.EnvironmentVariables[HealthCheckEnvVarName] = "true";
+                context.EnvironmentVariables[HttpEnabledEnvVarName] = "true";
+                context.EnvironmentVariables[ProxyHeadersEnvVarName] = "xforwarded";
+                context.EnvironmentVariables[HostNameStrictEnvVarName] = "false";
             })
             .WithUrlForEndpoint(ManagementEndpointName, u => u.DisplayLocation = UrlDisplayLocation.DetailsOnly);
 
diff --git a/tests/Aspire.Hosting.Keycloak.Tests/KeycloakResourceBuilderTests.cs b/tests/Aspire.Hosting.Keycloak.Tests/KeycloakResourceBuilderTests.cs
index 4fa9d482af..297ea013e5 100644
--- a/tests/Aspire.Hosting.Keycloak.Tests/KeycloakResourceBuilderTests.cs
+++ b/tests/Aspire.Hosting.Keycloak.Tests/KeycloakResourceBuilderTests.cs
@@ -125,7 +125,10 @@ public async Task VerifyManifest()
               "env": {
                 "KC_BOOTSTRAP_ADMIN_USERNAME": "admin",
                 "KC_BOOTSTRAP_ADMIN_PASSWORD": "{keycloak-password.value}",
-                "KC_HEALTH_ENABLED": "true"
+                "KC_HEALTH_ENABLED": "true",
+                "KC_HTTP_ENABLED": "true",
+                "KC_PROXY_HEADERS": "xforwarded",
+                "KC_HOSTNAME_STRICT": "false"
               },
               "bindings": {
                 "http": {