However, unless you specify the keystore, we do NO validation that the certificate provided by the server you are connecting. As we decided that most of these programs are run on an internal network (ie not over the Internet) that the chances of a server bing hijacked would be extremely low compared to the hassle of making a keystore work.