I've got an internal only app that I've historically self-signed. With the latest version of Java, self-signing for JNLP is deprecated. I have also experienced strange problems with opening sockets from self-signed apps with Java 7U25 (but work fine when run as a normal jar from the command line).
Is there a way to do JNLP without signing at all? Given that it's an internal only app, signing is not necessary (to me). I really don't want to spend money buying a certificate when it's not truly necessary.
It seems that the coming Java 7u40 recognises the need for a solution and provides a new feature:
In an enterprise that provides a common execution environment and manages the applications that employees access, the Deployment Rule Set feature enables the enterprise to establish a whitelist and a blacklist of known applications.