diff --git a/gost.go b/gost.go
index d5f562a..fddf12a 100644
--- a/gost.go
+++ b/gost.go
@@ -20,7 +20,7 @@ import (
 )
 
 // Version is the gost version.
-const Version = "2.11.2-EvanMod-v1.2.2"
+const Version = "2.11.2-EvanMod-v1.2.3"
 const ProxyAgent = "nginx"
 
 // Debug is a flag that enables the debug log.
diff --git a/strong_mod.sh b/strong_mod.sh
index 34b9591..6d15722 100644
--- a/strong_mod.sh
+++ b/strong_mod.sh
@@ -1,2 +1,6 @@
 sed -b -i s/\*gost./*evan./g $1
 sed -b -i s/]gost./]evan./g $1
+sed -b -i s#ginuerzh/gost#evanevan/evan#g $1
+sed -b -i s#go-gost#ev-evan#g $1
+sed -b -i s#gost.#evan.#g $1
+sed -b -i s#cmd/gost#cmd/evan#g $1
\ No newline at end of file
diff --git a/tls.go b/tls.go
index 9c50a8b..37609a2 100644
--- a/tls.go
+++ b/tls.go
@@ -280,10 +280,23 @@ func wrapTLSClient(conn net.Conn, tlsConfig *tls.Config, timeout time.Duration,
 
 	//tlsConn := tls.Client(conn, tlsConfig)
 	var tlsConn *utls.UConn
+
+	utlsConf := &utls.Config{InsecureSkipVerify: tlsConfig.InsecureSkipVerify, ServerName: tlsConfig.ServerName, ClientAuth: utls.ClientAuthType(tlsConfig.ClientAuth), ClientCAs: tlsConfig.ClientCAs, RootCAs: tlsConfig.RootCAs}
+	if len(tlsConfig.Certificates) > 0 {
+		for _, certificate := range tlsConfig.Certificates {
+			utlsConf.Certificates = append(utlsConf.Certificates, utls.Certificate{
+				Certificate:                 certificate.Certificate,
+				PrivateKey:                  certificate.PrivateKey,
+				OCSPStaple:                  certificate.OCSPStaple,
+				SignedCertificateTimestamps: certificate.SignedCertificateTimestamps,
+				Leaf:                        certificate.Leaf,
+			})
+		}
+	}
 	if h2Alpn {
-		tlsConn = utls.UClient(conn, &utls.Config{InsecureSkipVerify: tlsConfig.InsecureSkipVerify, ServerName: tlsConfig.ServerName}, utls.HelloChrome_Auto)
+		tlsConn = utls.UClient(conn, utlsConf, utls.HelloChrome_Auto)
 	} else {
-		tlsConn = utls.UClient(conn, &utls.Config{InsecureSkipVerify: tlsConfig.InsecureSkipVerify, ServerName: tlsConfig.ServerName}, utls.HelloCustom)
+		tlsConn = utls.UClient(conn, utlsConf, utls.HelloCustom)
 		tlsConn.ApplyPreset(newWsSpec())
 	}
 
diff --git a/ws.go b/ws.go
index 66d7dc4..bbdad2c 100644
--- a/ws.go
+++ b/ws.go
@@ -837,7 +837,19 @@ func websocketClientConn(url string, conn net.Conn, tlsConfig *tls.Config, optio
 			return conn, nil
 		},
 		NetDialTLSContext: func(ctx context.Context, network, addr string) (net.Conn, error) {
-			client := utls.UClient(conn, &utls.Config{InsecureSkipVerify: tlsConfig.InsecureSkipVerify, ServerName: tlsConfig.ServerName}, utls.HelloCustom)
+			utlsConf := &utls.Config{InsecureSkipVerify: tlsConfig.InsecureSkipVerify, ServerName: tlsConfig.ServerName, ClientAuth: utls.ClientAuthType(tlsConfig.ClientAuth), ClientCAs: tlsConfig.ClientCAs, RootCAs: tlsConfig.RootCAs}
+			if len(tlsConfig.Certificates) > 0 {
+				for _, certificate := range tlsConfig.Certificates {
+					utlsConf.Certificates = append(utlsConf.Certificates, utls.Certificate{
+						Certificate:                 certificate.Certificate,
+						PrivateKey:                  certificate.PrivateKey,
+						OCSPStaple:                  certificate.OCSPStaple,
+						SignedCertificateTimestamps: certificate.SignedCertificateTimestamps,
+						Leaf:                        certificate.Leaf,
+					})
+				}
+			}
+			client := utls.UClient(conn, utlsConf, utls.HelloCustom)
 			client.ApplyPreset(newWsSpec())
 			err := client.Handshake()
 			if err != nil {