2.14 redirecting mtc.js to insecure/non-ssl?

I recently updated to 2.14
I’m noticing that my mautic script is throwing mixed content/insecure warnings and is calling http://mautic.example.com/mtc.js even though:

  • the original page is at https://example.com
  • the mautic script calls https://mautic.example.com/index.php/mtc.js
  • both sites have valid letsencrypt SSL certs
  • Mautic’s Site URL is set to https://
  • I have deleted app/cache/prod
  • I am not using a CDN or advanced cache

Side notes:

  • I’m running mautic in a Cloudways.com managed app on a DigitalOcean droplet. I do notice that after upgrades I need to reset file permissions
  • Mautic > System Info > Error log throws a couple of minor-looking Doctriney errors about AbstractProxyFactory.php but everything seems to be working
  • I see that in ~line 75 of mtc.js there is a call to mautic.example.com/mtc (no /index.php/); I figure it’s either that line (which uses (l.protocol==‘https:’?‘https:’:‘https:’)) or some kind of app routing is going wrong
  • I’m pretty sure this started with 2.14, but not 100% (hadn’t examined my Mautic scripts for a little bit prior to updating)

You can test at:
(mautic mtc.js is at https://demo.fundzen.com/index.php/mtc.js)