diff --git a/packages/core/src/shell/scripts/set-system-proxy/index.js b/packages/core/src/shell/scripts/set-system-proxy/index.js
index c02263b..d593877 100644
--- a/packages/core/src/shell/scripts/set-system-proxy/index.js
+++ b/packages/core/src/shell/scripts/set-system-proxy/index.js
@@ -122,17 +122,26 @@ const executor = {
     }
   },
   async linux (exec, params) {
-    await exec('sudo sed -i \'/export https=/d\' ~/.bashrc')
-    await exec('sudo sed -i \'/export no_proxy=/d\' ~/.bashrc')
     if (params != null) {
       const { ip, port } = params
-      const local = 'localhost, 127.0.0.1, ::1'
+      // const local = 'localhost, 127.0.0.0/8, ::1'
 
-      const setProxyCmd = `sudo echo 'export https_proxy=https://${ip}:${port}' >> ~/.bashrc`
+      const setProxyCmd = [
+        'gsettings set org.gnome.system.proxy mode manual',
+        `gsettings set org.gnome.system.proxy.https port ${port}`,
+        `gsettings set org.gnome.system.proxy.https host ${ip}`,
+        `gsettings set org.gnome.system.proxy.http port ${port}`,
+        `gsettings set org.gnome.system.proxy.http host ${ip}`
+        // `gsettings set org.gnome.system.proxy ignore-hosts "${local}"`
+      ]
+
+      await exec(setProxyCmd)
+    } else {
+      const setProxyCmd = [
+        'gsettings set org.gnome.system.proxy mode none'
+      ]
       await exec(setProxyCmd)
-      await exec(`sudo echo 'export no_proxy="${local}"' >> ~/.bashrc`)
     }
-    await exec('source ~/.bashrc')
   },
   async mac (exec, params) {
     // exec = _exec
diff --git a/packages/mitmproxy/src/lib/proxy/tls/tlsUtils.js b/packages/mitmproxy/src/lib/proxy/tls/tlsUtils.js
index 2d43ff2..d0b42ed 100644
--- a/packages/mitmproxy/src/lib/proxy/tls/tlsUtils.js
+++ b/packages/mitmproxy/src/lib/proxy/tls/tlsUtils.js
@@ -51,11 +51,13 @@ utils.createCA = function (CN) {
     name: 'basicConstraints',
     critical: true,
     cA: true
-  }, {
+  },
+  {
     name: 'keyUsage',
     critical: true,
     keyCertSign: true
-  }, {
+  },
+  {
     name: 'subjectKeyIdentifier'
   }])
 
@@ -111,19 +113,19 @@ utils.createFakeCertificateByDomain = function (caKey, caCert, domain) {
     critical: true,
     cA: false
   },
-  {
-    name: 'keyUsage',
-    critical: true,
-    digitalSignature: true,
-    contentCommitment: true,
-    keyEncipherment: true,
-    dataEncipherment: true,
-    keyAgreement: true,
-    keyCertSign: true,
-    cRLSign: true,
-    encipherOnly: true,
-    decipherOnly: true
-  },
+  // {
+  //   name: 'keyUsage',
+  //   critical: true,
+  //   digitalSignature: true,
+  //   contentCommitment: true,
+  //   keyEncipherment: true,
+  //   dataEncipherment: true,
+  //   keyAgreement: true,
+  //   keyCertSign: true,
+  //   cRLSign: true,
+  //   encipherOnly: true,
+  //   decipherOnly: true
+  // },
   {
     name: 'subjectAltName',
     altNames: [{