Domain-level redirect in _redirects succeeds, but in netlify.toml fails with 500 error

Netlify site name: skypilot.netlify.app

I created this netlify.toml file to redirect my site’s default subdomain to the primary domain:

[[redirects]]
from = "https://skypilot.netlify.app/*"
to = "https://www.skypilot.dev/:splat"
status = "301"
force = true

I’ve used the same redirect syntax in other sites without any issues. And the deploy summaries for this site always report

1 redirect rule processed
All redirect rules deployed without errors

But any deploy using the config fails with a 500 Internal Server Error. This happens for both deploy previews (e.g., 60fb8d8bf751300007989b01--skypilot.netlify.app) and branch deploys (next--skypilot.netlify.app). Because of the failures, I haven’t attempted to use it in the production branch.)

Here’s a sample request:

curl --verbose https://60fb8d8bf751300007989b01--skypilot.netlify.app

*   Trying 54.241.246.27...
* TCP_NODELAY set
* Connected to 60fb8d8bf751300007989b01--skypilot.netlify.app (54.241.246.27) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/cert.pem
  CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-ECDSA-AES256-GCM-SHA384
* ALPN, server accepted to use h2
* Server certificate:
*  subject: C=US; ST=California; L=San Francisco; O=Netlify, Inc; CN=*.netlify.app
*  start date: Mar  9 00:00:00 2021 GMT
*  expire date: Mar  1 23:59:59 2022 GMT
*  subjectAltName: host "60fb8d8bf751300007989b01--skypilot.netlify.app" matched cert's "*.netlify.app"
*  issuer: C=US; O=DigiCert Inc; CN=DigiCert TLS Hybrid ECC SHA384 2020 CA1
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x7f821400f800)
> GET / HTTP/2
> Host: 60fb8d8bf751300007989b01--skypilot.netlify.app
> User-Agent: curl/7.64.1
> Accept: */*
> 
* Connection state changed (MAX_CONCURRENT_STREAMS == 4294967295)!
< HTTP/2 500 
< content-length: 0
< date: Sat, 24 Jul 2021 15:43:12 GMT
< server: Netlify
< x-nf-request-id: 01FBCJYJ6M6G2WF4G7N9T8KAE6
< age: 0
< 
* Connection #0 to host 60fb8d8bf751300007989b01--skypilot.netlify.app left intact
* Closing connection 0

The same redirect succeeds if used in a _redirects file:

https://skypilot.netlify.app/* https://www.skypilot.dev/:splat 301!

Can you tell me why the redirect fails when configured in netlify.toml – and how to fix it?

Hey there, @williamthorsen

Thanks so much for reaching out and for writing such a detailed post. I took a look in the Forums, and it seems as though these two threads may have some clues to help you get on the right track:

Additionally, this Support Guide is a good port of call for debugging redirects issues:

Can you take a look at those resources and walk through the suggestions? If at the end of that you are still encountering your error, please let us know and I can loop in a Support Engineer

Try changing it to

[[redirects]]
  from = "https://skypilot.netlify.app/*"
  to = "https://www.skypilot.dev/:splat"
  status = 301
  force = true

Thanks for finding the solution: status has to be a numeric value, not a string.