diff --git a/trojan.sh b/trojan.sh
index 360db8e..ee1c357 100644
--- a/trojan.sh
+++ b/trojan.sh
@@ -293,22 +293,8 @@ function preinstall_check(){
         systemctl stop nginx
     fi
     $systemPackage -y install net-tools socat >/dev/null 2>&1
-    Port80=`netstat -tlpn | awk -F '[: ]+' '$1=="tcp"{print $5}' | grep -w 80`
-    Port443=`netstat -tlpn | awk -F '[: ]+' '$1=="tcp"{print $5}' | grep -w 443`
-    if [ -n "$Port80" ]; then
-        process80=`netstat -tlpn | awk -F '[: ]+' '$5=="80"{print $9}'`
-        red "==========================================================="
-        red "检测到80端口被占用, 占用进程为: ${process80}, 本次安装结束"
-        red "==========================================================="
-        exit 1
-    fi
-    if [ -n "$Port443" ]; then
-        process443=`netstat -tlpn | awk -F '[: ]+' '$5=="443"{print $9}'`
-        red "============================================================="
-        red "检测到443端口被占用, 占用进程为: ${process443}, 本次安装结束"
-        red "============================================================="
-        exit 1
-    fi
+    check_port 80
+    check_port 443
     if [ -f "/etc/selinux/config" ]; then
         CHECK=$(grep SELINUX= /etc/selinux/config | grep -v "#")
         if [ "$CHECK" == "SELINUX=enforcing" ]; then
@@ -410,25 +396,20 @@ function preinstall_check(){
  
 function repair_cert(){
     systemctl stop nginx
-    #iptables -I INPUT -p tcp --dport 80 -j ACCEPT
-    #iptables -I INPUT -p tcp --dport 443 -j ACCEPT
-    Port80=`netstat -tlpn | awk -F '[: ]+' '$1=="tcp"{print $5}' | grep -w 80`
-    if [ -n "$Port80" ]; then
-        process80=`netstat -tlpn | awk -F '[: ]+' '$5=="80"{print $9}'`
-        red "==========================================================="
-        red "检测到80端口被占用, 占用进程为: ${process80}, 本次安装结束"
-        red "==========================================================="
+    if [ $? -ne 0 ]; then
+        red "停止 nginx 失败，退出脚本"
         exit 1
     fi
+    check_port 80
     green "============================"
     blue "请输入绑定到本VPS的域名"
     blue "务必与之前失败使用的域名一致"
     green "============================"
     read your_domain
-    if test -s /root/.acme.sh/${your_domain}_ecc/fullchain.cer; then
-        green "证书文件存在"
-        exit 1
-    fi
+    # if test -s /root/.acme.sh/${your_domain}_ecc/fullchain.cer; then
+    #     green "证书文件存在"
+    #     exit 1
+    # fi
     real_addr=`ping ${your_domain} -c 1 | sed '1{s/[^(]*(//;s/).*//;q}'`
     local_addr=`curl ipv4.icanhazip.com`
     if [ $real_addr == $local_addr ] ; then
@@ -496,6 +477,17 @@ function remove_trojan(){
     green "trojan删除完毕"
     green "=============="
 }
+
+function check_port() {
+    local port=$1
+    local port_process=`netstat -tlpn | awk -F '[: ]+' '$5=="'"$port"'" {print $9}'`
+    if [ -n "$port_process" ]; then
+        red "==========================================================="
+        red "检测到${port}端口被占用, 占用进程为: ${port_process}, 本次安装结束"
+        red "==========================================================="
+        exit 1
+    fi
+}
 function port_forward(){
     iptables -t nat -A PREROUTING -p tcp --dport 49000:50000 -j REDIRECT --to-ports 443
     green "=========================="
@@ -537,7 +529,15 @@ function install_acme(){
         curl https://get.acme.sh | sh
     fi
 }
- 
+
+ function check_cert() {
+    local domain=$1
+    local cert_path="/root/.acme.sh/${domain}_ecc/fullchain.cer"
+    if [[ -s $cert_path ]]; then
+        green "证书文件存在"
+        exit 1
+    fi
+}
 start_menu(){
     clear
     green " ======================================="