I have been trying to create a non-default certificate chain using modified version of an example posted https://msdn.microsoft.com/en-us/library/windows/desktop/aa382042(v=vs.85).aspx

    CERT_CHAIN_ENGINE_CONFIG chainConfig;
    HCERTCHAINENGINE hChainEngine;

    :: SecureZeroMemory (&chainConfig, sizeof (CERT_CHAIN_ENGINE_CONFIG));

    chainConfig.cbSize = sizeof(chainConfig);

    chainConfig.hRestrictedRoot = NULL;
    chainConfig.hRestrictedTrust = NULL;
    chainConfig.hRestrictedOther = NULL;

    // Following two parameters are optionally enabled.
    chainConfig.hExclusiveRoot = NULL;
    chainConfig.hExclusiveTrustedPeople = NULL;

    chainConfig.cAdditionalStore = 0;
    chainConfig.rghAdditionalStore = NULL;
    chainConfig.dwFlags = CERT_CHAIN_CACHE_END_CERT;
    chainConfig.dwUrlRetrievalTimeout = 0;
    chainConfig.MaximumCachedCertificates = 0;
    chainConfig.CycleDetectionModulus = 0;
    // optionally enabled following param.
    chainConfig.dwExclusiveFlags = CERT_CHAIN_EXCLUSIVE_ENABLE_CA_FLAG;

    if (!CertCreateCertificateChainEngine(&chainConfig, &hChainEngine))
    {
        // failure
    }

When I ran this program using Visual Studio 2010 - I could get a valid value of hChainEngine but while running the same program under VS 2013, I get an error E_INVALIDPARAM (0x80070057) (The parameter is incorrect.)

I tried every other combination possible to understand what went wrong but couldn't figure out which parameter here, the API doesn't like.

One thing I have observed is, while VS2010 points to a "C:\Program Files (x86)\Microsoft SDKs\Windows\v7.0A\Include" and VS2013 points to "C:\Program Files (x86)\Windows Kits\8.1\Include\um" which have different structure of _CERT_CHAIN_ENGINE_CONFIG. I tried to manage my structure allocation accordingly but no luck!

Can someone here please help me understand what is wrong here? Thanks

I have both versions of Visual Studio installed on Windows 7.