Thank you David,
Undoubtedly the driver must be signed and it is signed.
The problem arose when the sign is not enough in Win10 >1607 and SecureBoot (UEFI BIOS).
The recommended way is submitting the driver for MS attestation and resigning (cross signing) by MS (via sysdev portal). After resigning the problem will be solved.
BUT (how it could be without buts and ifs), the submission requires granting MS some rights (to distribute the driver etc).
The driver however is a part of a corporate system and formally is under our trade secret conditions. It?s just our company policy.
So granting such rights to a third party (in spite of trusted or not) is not a good way to move forward seamlessly. The subject is under discussion with our law dept at the moment.
I am utterly not sure that the dept would grant such permissions to a third party, so looking for a workaround (not based on disabling Secure Boot completely of course)
Thank you,
Serge