Unable to generate token

Error Message

Registering an ArcGIS Online connection as a data store in ArcGIS GeoEvent Server fails, returning the following error message:

Error:   
Unable to generate token.

An error is also returned in the GeoEvent Manager logs:

Error:   
Could not parse token from ArcGIS Online.

Cause

ArcGIS GeoEvent Server does not trust ArcGIS Online due to additional proxy rules in the organization's enterprise environment.

Solution or Workaround

Export the root and intermediate certificates from ArcGIS Online, and import them into ArcGIS Server.

1. Launch a web browser, and navigate to ArcGIS Online.

Note:
Esri recommends using the Google Chrome web browser.

2. Press F12 to open Developer Tools. Select the Security tab, and click View certificate to open the certificate details window.
3. Click Certification Path, and select the topmost certificate in the Certification path window. This is the root certificate.
4. Select View Certificate > Details > Copy to File.... Go through the Certificate Export Wizard, and save the certificate as rootcert. Click OK to close the root certificate details window.
   Repeat this process for each certificate listed in the Certification path window, and name each certificate to differentiate them.
5. Navigate to the ArcGIS Server admin endpoint where ArcGIS GeoEvent Server is installed, and log in with an administrator account.
6. Navigate to machines > machine_Name > sslcertificates > importRootOrIntermediate.
7. Click Choose File to select the root certificate saved in Step 4, and enter a name for the root certificate in the Alias field. Click Import.
   Repeat this process for each certificate saved in Step 4, in the order they were saved.
8. Restart the ArcGIS Server and ArcGIS GeoEvent Server Windows services on the ArcGIS GeoEvent Server machine.