In my recent project I have setup ssl and deployed it on server. All the applications page were being served over https but some static contents were being served from http and it showed that the application is not secure. After lot of searching I found the solution. In Grails Application if you look into Config.groovy file you will find the settings for adhoc pattern
grails.resources.adhoc.patterns = ['/images/*', '/css/*', '/js/*', '/plugins/*']
If you have created any subfolder in images, css or js then you have to define the adhoc patterns as follows
grails.resources.adhoc.patterns = ['/images/**/*', '/css/**/*', '/js/**/*', '/plugins/*']
Otherwise static content will be served over http.
Hope this will help.