I have been trying to create a non-default certificate chain using modified version of an example posted https://msdn.microsoft.com/en-us/library/windows/desktop/aa382042(v=vs.85).aspx
CERT_CHAIN_ENGINE_CONFIG chainConfig;
HCERTCHAINENGINE hChainEngine;
:: SecureZeroMemory (&chainConfig, sizeof (CERT_CHAIN_ENGINE_CONFIG));
chainConfig.cbSize = sizeof(chainConfig);
chainConfig.hRestrictedRoot = NULL;
chainConfig.hRestrictedTrust = NULL;
chainConfig.hRestrictedOther = NULL;
// Following two parameters are optionally enabled.
chainConfig.hExclusiveRoot = NULL;
chainConfig.hExclusiveTrustedPeople = NULL;
chainConfig.cAdditionalStore = 0;
chainConfig.rghAdditionalStore = NULL;
chainConfig.dwFlags = CERT_CHAIN_CACHE_END_CERT;
chainConfig.dwUrlRetrievalTimeout = 0;
chainConfig.MaximumCachedCertificates = 0;
chainConfig.CycleDetectionModulus = 0;
// optionally enabled following param.
chainConfig.dwExclusiveFlags = CERT_CHAIN_EXCLUSIVE_ENABLE_CA_FLAG;
if (!CertCreateCertificateChainEngine(&chainConfig, &hChainEngine))
{
// failure
}
When I ran this program using Visual Studio 2010 - I could get a valid value of hChainEngine but while running the same program under VS 2013, I get an error E_INVALIDPARAM (0x80070057) (The parameter is incorrect.)
I tried every other combination possible to understand what went wrong but couldn't figure out which parameter here, the API doesn't like.
One thing I have observed is, while VS2010 points to a "C:\Program Files (x86)\Microsoft SDKs\Windows\v7.0A\Include" and VS2013 points to "C:\Program Files (x86)\Windows Kits\8.1\Include\um" which have different structure of _CERT_CHAIN_ENGINE_CONFIG. I tried to manage my structure allocation accordingly but no luck!
Can someone here please help me understand what is wrong here? Thanks
I have both versions of Visual Studio installed on Windows 7.
