diff --git a/java/ql/src/experimental/Security/CWE/CWE-273/UnsafeCertTrust.ql b/java/ql/src/experimental/Security/CWE/CWE-273/UnsafeCertTrust.ql
index 7df3a354826..ce066d70ca6 100644
--- a/java/ql/src/experimental/Security/CWE/CWE-273/UnsafeCertTrust.ql
+++ b/java/ql/src/experimental/Security/CWE/CWE-273/UnsafeCertTrust.ql
@@ -1,8 +1,8 @@
 /**
- * @id java/unsafe-cert-trust
 * @name Unsafe implementation of trusting any certificate or missing hostname verification in SSL configuration
 * @description Unsafe implementation of the interface X509TrustManager, HostnameVerifier, and SSLSocket/SSLEngine ignores all SSL certificate validation errors when establishing an HTTPS connection, thereby making the app vulnerable to man-in-the-middle attacks.
 * @kind problem
+ * @id java/unsafe-cert-trust
 * @tags security
 * external/cwe-273
 */
@@ -225,4 +225,5 @@ where
 aa instanceof X509TrustAllManagerInit or
 aa instanceof SSLEndpointIdentificationNotSet or
 aa instanceof RabbitMQEnableHostnameVerificationNotSet
-select aa, "Unsafe configuration of trusted certificates"
\ No newline at end of file
+select aa, "Unsafe configuration of trusted certificates"
+