Errors and Solutions Event Log Performance Optimization SharePoint 2013 SharePoint 2016 

Event ID 8321: A certificate validation operation took X milliseconds and has exceeded the execution time threshold

Salaudeen Rajack 4 Comments

Problem: 
Event ID 8321 logged multiple times in the SharePoint 2013 Application server’s Event Log, with the message “A certificate validation operation took 1500.8983 milliseconds and has exceeded the execution time threshold. If this continues to occur, it may represent a configuration issue. Please see https://go.microsoft.com/fwlink/?LinkId=246987 for more details.” and SharePoint pages were loading very slow!

A certificate validation operation took 1500.8983 milliseconds and has exceeded the execution time threshold.

Root cause:

Typically, this error occurs on SharePoint servers that are running with no internet connectivity where SharePoint Root Authority was not added to the Trusted Root Certification Authorities store (which is the default behavior!).

Solution:

Install SharePoint Root Authority certificate to the Trusted Root Certification Authorities store. Here is how to fix this error step by step.

Step 1: Export the SharePoint Root Authority certificate using PowerShell
Open SharePoint Management Shell and execute these PowerShell scripts.

$RootCertFile="C:\SPRootCert.cer"
$SPRootCert = (Get-SPCertificateAuthority).RootCertificate
$SProotCert.Export("Cer") | Set-Content $RootCertFile -Encoding Byte

This script produces a certificate at the “C:\SPRootCert.cer” file. The next step is to import this certificate into the trusted root certificate store.

Step 2: Import the SharePoint Root Authority certificate into the Trusted Root Certificate store.

$RootCertFile="C:\SPRootCert.cer"
Import-Certificate -FilePath $RootCertFile -CertStoreLocation Cert:\LocalMachine\Root

You can verify if the SharePoint root authority certificate is imported to trusted root certificate store by going to:

  • Start >> Run >> MMC >> File >> Add/Remove Snap-in 
  • Click on Certificate >> Add >> Select computer account and click next >> select local computer and click finish.
  • Expend Certificate >> Trusted Root Certification Authorities >> Certificate
  • You should see “SharePoint Root Authority” there!
    fix sharepoint certificate validation operation took exceeded execution time threshold

Repeat these two steps in all SharePoint servers of the farm.

Microsoft KB addressing this issue: https://support.microsoft.com/en-us/help/2625048/site-slowness-because-of-sharepoint-sts-certificate-crl-checking

Salaudeen Rajack

Salaudeen Rajack - SharePoint Expert with Two decades of SharePoint Experience. Love to Share my knowledge and experience with the SharePoint community, through real-time articles!

4 thoughts on “Event ID 8321: A certificate validation operation took X milliseconds and has exceeded the execution time threshold

  • Thanks, very helped 🙂

    Reply

  • Do anyone get any solution for this issue?

    Reply

  • Still get the same error even after trying this. Farm does not have access to Internet.

    Reply

    • Did you resolve it? I am in the same situation.

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *