diff --git a/trojan.sh b/trojan.sh
index 927b4cf..3732992 100644
--- a/trojan.sh
+++ b/trojan.sh
@@ -65,7 +65,7 @@ EOF
     sleep 3
     rm -rf /usr/share/nginx/html/*
     cd /usr/share/nginx/html/
-    wget https://github.com/xxxbrian/trojan.sh/raw/main/fakesite.zip >/dev/null 2>&1
+    wget https://gitea.i00.org/gamesme/bash-script/raw/branch/main/fakesite.zip >/dev/null 2>&1
     unzip fakesite.zip >/dev/null 2>&1
     sleep 5
     if [ ! -d "/usr/src" ]; then
@@ -79,7 +79,7 @@ EOF
             exit 1
         fi
         /root/.acme.sh/acme.sh  --register-account  -m myemail@example.com --server zerossl
-        /root/.acme.sh/acme.sh  --issue  -d $your_domain  --nginx
+        /root/.acme.sh/acme.sh  --issue  -d $your_domain  --nginx --ecc
         if test -s /root/.acme.sh/$your_domain_ecc/fullchain.cer; then
             cert_success="1"
         fi
@@ -90,7 +90,7 @@ EOF
         minus=$(($now_time - $create_time ))
         if [  $minus -gt 5184000 ]; then
             /root/.acme.sh/acme.sh  --register-account  -m myemail@example.com --server zerossl
-            /root/.acme.sh/acme.sh  --issue  -d $your_domain  --nginx
+            /root/.acme.sh/acme.sh  --issue  -d $your_domain  --nginx --ecc
             if test -s /root/.acme.sh/$your_domain_ecc/fullchain.cer; then
                 cert_success="1"
             fi
@@ -101,7 +101,7 @@ EOF
     else 
         mkdir /usr/src/trojan-cert/$your_domain
         /root/.acme.sh/acme.sh  --register-account  -m myemail@example.com --server zerossl
-        /root/.acme.sh/acme.sh  --issue  -d $your_domain  --nginx
+        /root/.acme.sh/acme.sh  --issue  -d $your_domain  --nginx --ecc
         if test -s /root/.acme.sh/$your_domain_ecc/fullchain.cer; then
             cert_success="1"
         fi
@@ -245,7 +245,7 @@ EOF
         rm -f /usr/src/trojan-cli.zip
         trojan_path=$(cat /dev/urandom | head -1 | md5sum | head -c 16)
         #mkdir /usr/share/nginx/html/${trojan_path}
-        #mv /usr/src/trojan-cli/trojan-cli.zip /usr/share/nginx/html/${trojan_path}/	
+        #mv /usr/src/trojan-cli/trojan-cli.zip /usr/share/nginx/html/${trojan_path}/    
         cat > ${systempwd}trojan.service <<-EOF
 [Unit]  
 Description=trojan  
@@ -266,10 +266,10 @@ EOF
         chmod +x ${systempwd}trojan.service
         systemctl enable trojan.service
         cd /root
-        /root/.acme.sh/acme.sh  --installcert  -d  $your_domain   \
+        /root/.acme.sh/acme.sh  --installcert --ecc -d  $your_domain   \
             --key-file   /usr/src/trojan-cert/$your_domain/private.key \
             --fullchain-file  /usr/src/trojan-cert/$your_domain/fullchain.cer \
-            --reloadcmd  "systemctl restart trojan"	
+            --reloadcmd  "systemctl restart trojan" 
         green "==========================================================================="
         green "windows客户端路径/usr/src/trojan-cli/trojan-cli.zip, 此客户端已配置好所有参数"
         green "==========================================================================="
@@ -279,6 +279,7 @@ EOF
         green "==========================================================================="
         cat /usr/src/trojan-cli/config.json
         green "==========================================================================="
+        port_forward
     else
         red "==================================="
         red "https证书没有申请成功, 本次安装失败"
@@ -433,31 +434,31 @@ function repair_cert(){
     if [ $real_addr == $local_addr ] ; then
         if [ -f "/usr/src/trojan-cert/$your_domain/fullchain.cer" ]; then
             cd /usr/src/trojan-cert/$your_domain
-            create_time=`stat -c %Y fullchain.cer`
+            create_time=`stat -c %Y fullchain.cer`  
             now_time=`date +%s`
             minus=$(($now_time - $create_time ))
             if [  $minus -gt 5184000 ]; then
-        /root/.acme.sh/acme.sh  --register-account  -m myemail@example.com --server zerossl
-        /root/.acme.sh/acme.sh  --issue  -d $your_domain  --standalone
-        /root/.acme.sh/acme.sh  --installcert  -d  $your_domain   \
-            --key-file   /usr/src/trojan-cert/$your_domain/private.key \
-            --fullchain-file /usr/src/trojan-cert/$your_domain/fullchain.cer \
-            --reloadcmd  "systemctl restart trojan"
-        if test -s /usr/src/trojan-cert/$your_domain/fullchain.cer; then
-            green "证书申请成功"
-            systemctl restart trojan
-            systemctl start nginx
-        else
-            red "申请证书失败"
-        fi
-    else
-                ~/.acme.sh/acme.sh  --installcert  -d  $your_domain   \
+                /root/.acme.sh/acme.sh  --register-account  -m myemail@example.com --server zerossl
+                /root/.acme.sh/acme.sh  --issue  -d $your_domain  --standalone --ecc
+                /root/.acme.sh/acme.sh  --installcert --ecc -d  $your_domain   \
                     --key-file   /usr/src/trojan-cert/$your_domain/private.key \
                     --fullchain-file /usr/src/trojan-cert/$your_domain/fullchain.cer \
                     --reloadcmd  "systemctl restart trojan"
+                if test -s /usr/src/trojan-cert/$your_domain/fullchain.cer; then
+                    green "证书申请成功"
+                    systemctl restart trojan
+                    systemctl start nginx
+                else
+                    red "申请证书失败"
+                fi
+    else
+        /root/.acme.sh/acme.sh  --installcert  --ecc -d  $your_domain   \
+            --key-file   /usr/src/trojan-cert/$your_domain/private.key \
+            --fullchain-file /usr/src/trojan-cert/$your_domain/fullchain.cer \
+            --reloadcmd  "systemctl restart trojan"
               green "检测到域名$your_domain证书存在且未超过60天，无需重新申请"
               cert_success="1"
-      		fi
+            fi
         fi   
     else
         red "================================"