The phonebook.xml download only works when the password and authentication is disabled. Meaning it will only download when the download does not require username and password.
It is crazy that it can download the provisioning file as secure but it doesn’t download the phonebook.xml when the authentication is required.
I am not sure if it is related to the rewrite rule, but I don’t think it is, because otherwise I wouldn’t be able to download/access it from browser too.
For me it works on browser using authentication (by going to the link https://username:email@example.com/app/provision/pb/000b82b9853f/phonebook.xml
I checked nginx access.log. It is like this:
IP.A.DD.RESS - username [12/Nov/2019:20:32:25 +0000] “GET /app/provision/pb/000b82b9853f/phonebook.xml HTTP/1.1” 401 23 “-” “Grandstream Model HW GXP2170 SW 184.108.40.206 DevId 000b82b9853f”
that 401 means unauthorized.
So the browser can access it secured but the phone can only can access it unsecured.
It is a puzzle, and I will so much appreciate a helping hand.
Note: In case you are wondering, the password and username are correct.
Product Model GXP2170