diff --git a/README.md b/README.md
index 927a701..829dd85 100644
--- a/README.md
+++ b/README.md
@@ -1 +1,5 @@
-troooojan
+本页面为 atrandys 的 trojan 一键脚本之 fork 备份。顺便修复了 atrandys 原版脚本中伪装站没有 SSL 跳转（即访问伪装站不显示小锁）的问题。
+## 用法
+```sh
+bash <(curl -sL https://raw.githubusercontent.com/phlinhng/trojan/master/trojan_mult.sh)
+```
diff --git a/trojan_mult.sh b/trojan_mult.sh
index 4e06920..903fafc 100644
--- a/trojan_mult.sh
+++ b/trojan_mult.sh
@@ -66,11 +66,17 @@ http {
     client_max_body_size 20m;
     #gzip  on;
     server {
-        listen       80;
+        listen  127.0.0.1:80;
         server_name  $your_domain;
         root /usr/share/nginx/html;
         index index.php index.html index.htm;
     }
+    server {
+        listen  0.0.0.0:80;
+        listen  [::]:80;
+        server_name  _;
+        return  301 https://\$host\$request_uri;
+    }
 }
 EOF
 	#设置伪装站
@@ -85,8 +91,8 @@ EOF
 	fi
 	mkdir /usr/src/trojan-cert /usr/src/trojan-temp
 	curl https://get.acme.sh | sh
-	~/.acme.sh/acme.sh  --issue  -d $your_domain  --standalone
-	if test -s /root/.acme.sh/$your_domain/fullchain.cer; then
+	~/.acme.sh/acme.sh  --issue  -d $your_domain  --standalone --keylength ec-256
+	if test -s /root/.acme.sh/${your_domain}_ecc/fullchain.cer; then
 	systemctl start nginx
         cd /usr/src
 	#wget https://github.com/trojan-gfw/trojan/releases/download/v1.13.0/trojan-1.13.0-linux-amd64.tar.xz
@@ -206,7 +212,7 @@ EOF
 	chmod +x ${systempwd}trojan.service
 	systemctl enable trojan.service
 	cd /root
-	~/.acme.sh/acme.sh  --installcert  -d  $your_domain   \
+	~/.acme.sh/acme.sh  --installcert --ecc -d  $your_domain   \
         --key-file   /usr/src/trojan-cert/private.key \
         --fullchain-file  /usr/src/trojan-cert/fullchain.cer \
 	--reloadcmd  "systemctl restart trojan"	
@@ -358,8 +364,8 @@ read your_domain
 real_addr=`ping ${your_domain} -c 1 | sed '1{s/[^(]*(//;s/).*//;q}'`
 local_addr=`curl ipv4.icanhazip.com`
 if [ $real_addr == $local_addr ] ; then
-    ~/.acme.sh/acme.sh  --issue  -d $your_domain  --standalone
-    ~/.acme.sh/acme.sh  --installcert  -d  $your_domain   \
+    ~/.acme.sh/acme.sh  --issue  -d $your_domain  --standalone  --keylength ec-256
+    ~/.acme.sh/acme.sh  --installcert --ecc -d  $your_domain   \
         --key-file   /usr/src/trojan-cert/private.key \
         --fullchain-file /usr/src/trojan-cert/fullchain.cer \
 	--reloadcmd  "systemctl restart trojan"