SharePoint 2013 Event ID 8321 Topology

Alice01 46 Reputation points

I have done everything I can but nothing has solved it
Export and install SharePoint root certificate
Change the hosts file, to
Disable the automatic update of certificates

Please help

SharePoint Server Management
SharePoint Server Management
SharePoint Server: A family of Microsoft on-premises document management and storage systems.Management: The act or process of organizing, handling, directing or controlling something.
2,890 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Echo Du_MSFT 17,141 Reputation points

    Hello @Alice01 ,

    The error comes about every 5 minutes. It is a topology error which says:


    In order to resolve this problem, the local trust relationship has to be created. This can be done by running the following PowerShell commands:

    $rootCert = (Get-SPCertificateAuthority).RootCertificate     
    New-SPTrustedRootAuthority -Name  "localNew" -Certificate  $rootCert  

    After running the above commands, perform an IISReset on all servers in the farm.

    More information, please refer to this article.

    Echo Du

    Updated Answer ======================

    Hi @Alice01 ,

    Typically, this error occurs on SharePoint servers which are running with no internet connectivity where SharePoint Root Authority was not added to Trusted Root Certification Authorities store (which is the default behaviour) .


    Please the following steps:

    Step 1: Export the SharePoint Root Authority certificate using PowerShell

    #Open SharePoint Management Shell   
    $SPRootCert = (Get-SPCertificateAuthority).RootCertificate  
    $SProotCert.Export("Cer") | Set-Content $RootCertFile –Encoding Byte  

    Step 2: Import the SharePoint Root Authority certificate into the Trusted Root Certificate store.

    Import-Certificate -FilePath $RootCertFile -CertStoreLocation Cert:\LocalMachine\Root  

    You can verify if the SharePoint root authority certificate is imported to trusted root certificate store by going to:

    • Start >> Run >> MMC >> File >> Add/Remove Snap-in
    • Click on Certificate >> Add >> Select computer account and click next >> select local computer and click finish.
    • Expend Certificate >> Trusted Root Certification Authorities >> Certificate
    • You should see "SharePoint Root Authority" there.


    Step3: Repeat these two steps in all SharePoint servers of the farm.

    Step4: IIS reset

    #Open SharePoint Management Shell   

    If it still does not work, please attach detailed screenshots or logs.

    Echo Du


    If an Answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.