We have a Java application that uses RxTx to update the firmware of our game console. To avoid security alerts when a user launches the Java application on our website via WebStart, we have purchased Trusted certificate and the app was signed with that certificate. All checks show that it was successfully signed and if I launch the app through Safari using Java 1.6.0_41 on a Mac (OS X 10.6.8) it fails without launches without any complaints.
However, if I launch it using IE9 on a Windows 8 machine, I get a warning: "Do you want to run this application? This application will start with no Runs with restricted access, which may put your computer and personal information at risk. Only trust the publisher when you run this application. The digital signature for this application has expired. More information".
If I click "More Info" it says "This application will have unrestricted access to your personal files and other facilities (webcam, microphone) on your computer.
While the application has a digital signature, the application's associated files (JNLP) do not. Digital signatures ensure that the file comes from the vendor and that the file has not been altered.