diff --git a/jetty-util/src/main/java/org/eclipse/jetty/util/ssl/SslContextFactory.java b/jetty-util/src/main/java/org/eclipse/jetty/util/ssl/SslContextFactory.java
index 9e65738728f..7fc7d2edeba 100644
--- a/jetty-util/src/main/java/org/eclipse/jetty/util/ssl/SslContextFactory.java
+++ b/jetty-util/src/main/java/org/eclipse/jetty/util/ssl/SslContextFactory.java
@@ -78,16 +78,12 @@ import org.eclipse.jetty.util.security.CertificateUtils;
 import org.eclipse.jetty.util.security.CertificateValidator;
 import org.eclipse.jetty.util.security.Password;
 
-
 /**
  * SslContextFactory is used to configure SSL connectors
  * as well as HttpClient. It holds all SSL parameters and
  * creates SSL context based on these parameters to be
  * used by the SSL connectors.
  */
-
-/**
- */
 public class SslContextFactory extends AbstractLifeCycle
 {
     public final static TrustManager[] TRUST_ALL_CERTS = new X509TrustManager[]{new X509TrustManager()
@@ -106,7 +102,7 @@ public class SslContextFactory extends AbstractLifeCycle
         }
     }};
 
-    static final Logger LOG = Log.getLogger(SslContextFactory.class);
+    private static final Logger LOG = Log.getLogger(SslContextFactory.class);
 
     public static final String DEFAULT_KEYMANAGERFACTORY_ALGORITHM =
         (Security.getProperty("ssl.KeyManagerFactory.algorithm") == null ?
@@ -228,9 +224,6 @@ public class SslContextFactory extends AbstractLifeCycle
 
     protected Factory _factory;
 
-
-
-
     /**
      * Construct an instance of SslContextFactory
      * Default constructor for use in XmlConfiguration files
@@ -1096,7 +1089,8 @@ public class SslContextFactory extends AbstractLifeCycle
             }
         }
 
-        LOG.debug("managers={} for {}",managers,this);
+        if (LOG.isDebugEnabled())
+            LOG.debug("managers={} for {}",managers,this);
 
         return managers;
     }
@@ -1183,18 +1177,13 @@ public class SslContextFactory extends AbstractLifeCycle
         else
             selected_protocols.addAll(Arrays.asList(enabledProtocols));
 
-
         // Remove any excluded protocols
         selected_protocols.removeAll(_excludeProtocols);
 
-
         if (selected_protocols.isEmpty())
             LOG.warn("No selected protocols from {}",Arrays.asList(supportedProtocols));
 
         _selectedProtocols = selected_protocols.toArray(new String[selected_protocols.size()]);
-
-
-
     }
 
     /**
@@ -1459,7 +1448,6 @@ public class SslContextFactory extends AbstractLifeCycle
         _sslSessionTimeout = sslSessionTimeout;
     }
 
-
     public SSLServerSocket newSslServerSocket(String host,int port,int backlog) throws IOException
     {
         checkIsStarted();
@@ -1549,7 +1537,7 @@ public class SslContextFactory extends AbstractLifeCycle
     /**
      * Customize an SslEngine instance with the configuration of this factory,
      * by calling {@link #customize(SSLParameters)}
-     * @param sslEngine
+     * @param sslEngine the SSLEngine to customize
      */
     public void customize(SSLEngine sslEngine)
     {
@@ -1569,7 +1557,7 @@ public class SslContextFactory extends AbstractLifeCycle
         sslParams.setEndpointIdentificationAlgorithm(_endpointIdentificationAlgorithm);
         sslParams.setUseCipherSuitesOrder(_useCipherSuitesOrder);
         if (!_certHosts.isEmpty() || !_certWilds.isEmpty())
-            sslParams.setSNIMatchers(Collections.singletonList((SNIMatcher)new AliasSNIMatcher()));
+            sslParams.setSNIMatchers(Collections.singletonList(new AliasSNIMatcher()));
         if (_selectedCipherSuites!=null)
             sslParams.setCipherSuites(_selectedCipherSuites);
         if (_selectedProtocols!=null)