diff --git a/java/ql/lib/semmle/code/java/security/UnsafeCertTrustQuery.qll b/java/ql/lib/semmle/code/java/security/UnsafeCertTrustQuery.qll
index 05bd9825a58..767b86d4e41 100644
--- a/java/ql/lib/semmle/code/java/security/UnsafeCertTrustQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/UnsafeCertTrustQuery.qll
@@ -60,6 +60,6 @@ private class SafeSetEndpointIdentificationAlgorithm extends MethodAccess {
     this.getMethod().hasName("setEndpointIdentificationAlgorithm") and
     this.getMethod().getDeclaringType() instanceof SSLParameters and
     not this.getArgument(0) instanceof NullLiteral and
-    not this.getArgument(0).(CompileTimeConstantExpr).getStringValue().length() = 0
+    not this.getArgument(0).(CompileTimeConstantExpr).getStringValue() = ""
   }
 }
diff --git a/java/ql/src/Security/CWE/CWE-273/UnsafeCertTrust.ql b/java/ql/src/Security/CWE/CWE-273/UnsafeCertTrust.ql
index 12f20b40c93..13e1375d164 100644
--- a/java/ql/src/Security/CWE/CWE-273/UnsafeCertTrust.ql
+++ b/java/ql/src/Security/CWE/CWE-273/UnsafeCertTrust.ql
@@ -20,4 +20,4 @@ where
   exists(SslEndpointIdentificationFlowConfig config |
     config.hasFlowTo(DataFlow::exprNode(unsafeTrust))
   )
-select unsafeTrust, "Unsafe configuration of trusted certificates"
+select unsafeTrust, "Unsafe configuration of trusted certificates."