diff --git a/.gitignore b/.gitignore index da101a7..def96ff 100644 --- a/.gitignore +++ b/.gitignore @@ -38,6 +38,9 @@ __pycache__ **/.idea/inspectionProfiles **/.idea/vcs.xml **/.idea/modules.xml +**/.idea/deployment.xml +**/.idea/sshConfigs.xml +**/.idea/webServers.xml *.css.map @@ -61,6 +64,8 @@ __pycache__ # for dist folder **/_tmp_ +/dist/docker/*.sh +/dist/docker/res/*.tar.gz /dist/server/data /dist/client/windows/assist/apps /dist/client/windows/assist/cfg diff --git a/server/www/teleport/app_bootstrap.py b/server/www/teleport/app_bootstrap.py index e9fd80c..648b487 100644 --- a/server/www/teleport/app_bootstrap.py +++ b/server/www/teleport/app_bootstrap.py @@ -2,18 +2,39 @@ import os import sys +import signal sys.path.append(os.path.join(os.path.abspath(os.path.dirname(__file__)), 'webroot')) +g_web_app = None + + +def signal_handler(signum, frame): + global g_web_app + if g_web_app is None: + return + + print('got signal: signum={}'.format(signum)) + print('stopping...') + g_web_app.stop() + def main(): + global g_web_app + from app.app_env import PATH_APP_ROOT, PATH_DATA from app.base.webapp import tp_web_app - _web_app = tp_web_app() - if not _web_app.init(PATH_APP_ROOT, PATH_DATA): + g_web_app = tp_web_app() + if not g_web_app.init(PATH_APP_ROOT, PATH_DATA): return 1 - return _web_app.run() + signal.signal(signal.SIGINT, signal_handler) # Ctrl-C + signal.signal(signal.SIGHUP, signal_handler) # 发送给具有Terminal的Controlling Process,当terminal 被disconnect时候发送 + signal.signal(signal.SIGTERM, signal_handler) # kill + + ret = g_web_app.run() + g_web_app.finalize() + return ret if __name__ == '__main__': diff --git a/server/www/teleport/static/js/user/user-list.js b/server/www/teleport/static/js/user/user-list.js index 418c96d..28b2c97 100755 --- a/server/www/teleport/static/js/user/user-list.js +++ b/server/www/teleport/static/js/user/user-list.js 
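Review bot: In `main()` of app_bootstrap.py, `signal.SIGHUP` is referenced unconditionally, and that constant does not exist on Windows, so startup would raise AttributeError there; if the web server is ever launched on Windows, guard it with `if hasattr(signal, 'SIGHUP'): signal.signal(signal.SIGHUP, signal_handler)`. The handler also calls `g_web_app.stop()` directly, so whatever `stop()` blocks on blocks the main thread inside the signal handler; a docstring on `signal_handler` should say so. The SIGHUP comment should be in English like the other two, e.g. `# sent to the controlling process when its terminal disconnects`.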
@@ -1420,7 +1420,7 @@ $app.create_dlg_ldap_config = function () { } // dlg.ldap_config.use_ssl = dlg.dom.btn_use_ssl.hasClass('tp-selected'); - dlg.ldap_config.use_ssl = $(this).is(':checked') + dlg.ldap_config.use_ssl = dlg.dom.btn_use_ssl.is(':checked') if (dlg.mode === 'set') { if (tp_is_empty_str(dlg.ldap_config.password)) { diff --git a/server/www/teleport/webroot/app/base/configs.py b/server/www/teleport/webroot/app/base/configs.py index 1913e2a..fefb097 100644 --- a/server/www/teleport/webroot/app/base/configs.py +++ b/server/www/teleport/webroot/app/base/configs.py @@ -596,7 +596,7 @@ class AppConfig(BaseAppConfig): if not self.sys.ldap.is_exists('port'): self.sys.ldap.port = 389 if not self.sys.ldap.is_exists('use_ssl'): - self.sys.ldap.use = False + self.sys.ldap.use_ssl = False if not self.sys.ldap.is_exists('domain'): self.sys.ldap.domain = '' if not self.sys.ldap.is_exists('admin'): diff --git a/server/www/teleport/webroot/app/base/webapp.py b/server/www/teleport/webroot/app/base/webapp.py index b537045..a66f213 100644 --- a/server/www/teleport/webroot/app/base/webapp.py +++ b/server/www/teleport/webroot/app/base/webapp.py @@ -2,6 +2,7 @@ import json import os +import threading import time import urllib.parse import urllib.request @@ -22,6 +23,7 @@ from app.base.session import tp_session from app.base.cron import tp_cron from app.base.stats import tp_stats from app.base.host_alive import tp_host_alive +from app.base.utils import tp_generate_random from app.app_ver import TP_SERVER_VER @@ -30,6 +32,10 @@ class WebApp: import builtins if '__web_app__' in builtins.__dict__: raise RuntimeError('WebApp object exists, you can not create more than one instance.') + + self._need_stop = False + self._thread = None + self._cfg_file = '' def init(self, path_app_root, path_data): 
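Review bot: The commented-out `hasClass('tp-selected')` line directly above the fixed assignment in `$app.create_dlg_ldap_config` is now stale and should be deleted rather than kept beside the working line. The new assignment also lacks the terminating semicolon that the commented-out line had; write `dlg.ldap_config.use_ssl = dlg.dom.btn_use_ssl.is(':checked');`. The enclosing function starts and ends outside the hunk.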
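Review bot: The corrected default in `AppConfig` (configs.py) leaves `use_ssl = False` next to `port = 389`, so an installation that never sets the option binds to the directory over plain LDAP, and the user password handed to the LDAP bind at login crosses the network unencrypted. If the default has to stay for compatibility, say so at the assignment, e.g. `# plain LDAP by default: bind passwords are sent in clear text unless use_ssl is enabled`. Configurations processed by the old code may also carry a stray `use` attribute if this object is persisted, which cannot be seen from the hunk. The method containing these lines starts and ends outside the hunk.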
@@ -51,6 +57,8 @@ class WebApp: if not cfg.load(self._cfg_file): return False + cfg.random_exit_uri = '/exit_{}'.format(tp_generate_random(16)) + return True def _get_core_server_config(self): @@ -71,12 +79,26 @@ class WebApp: except: log.w('can not connect to core-server to get config, maybe it not start yet, ignore.\n') + def finalize(self): + print('DONE') + + log.finalize() + def run(self): log.i('\n') log.i('###############################################################\n') log.i('Teleport Web Server v{}\n'.format(TP_SERVER_VER)) log.i('Load config file: {}\n'.format(self._cfg_file)) + self._thread = threading.Thread(target=self._run_loop) + self._thread.start() + while not self._need_stop: + time.sleep(1) + self._thread.join() + + return 0 + + def _run_loop(self): ext_srv_cfg = tp_ext_srv_cfg() if not ext_srv_cfg.init(): return 0 @@ -197,6 +219,17 @@ class WebApp: tp_cron().stop() return 0 + def stop(self): + if self._need_stop: + return + self._need_stop = True + cfg = tp_cfg() + try: + c = urllib.request.urlopen('http://127.0.0.1:{}{}'.format(cfg.common.port, cfg.random_exit_uri)) + c.read() + except: + log.e('\n') + def tp_web_app(): """ diff --git a/server/www/teleport/webroot/app/controller/index.py b/server/www/teleport/webroot/app/controller/index.py index c3e26b5..f1b1cb3 100644 --- a/server/www/teleport/webroot/app/controller/index.py +++ b/server/www/teleport/webroot/app/controller/index.py @@ -3,6 +3,7 @@ import tornado.ioloop from app.base.controller import TPBaseHandler from app.base.logger import log +from app.base.configs import tp_cfg from app.const import * from tornado.escape import json_encode @@ -25,6 +26,11 @@ class IndexHandler(TPBaseHandler): class CatchAllHandler(TPBaseHandler): def get(self): + if self.request.uri == tp_cfg().random_exit_uri: + tornado.ioloop.IOLoop.instance().stop() + self.write('EXIT') + return + log.w('catch all, GET: {}\n'.format(self.request.uri)) self.show_error_page(TPE_HTTP_404_NOT_FOUND) 
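Review bot: `cfg.random_exit_uri` in `WebApp.init` is the only thing that protects the shutdown endpoint, so its unpredictability depends entirely on `tp_generate_random`, whose implementation is not part of this diff. If that helper draws from the `random` module, the value should come from a CSPRNG instead, for example `'/exit_{}'.format(secrets.token_hex(16))`. A short comment at the assignment stating that the URI is a per-process secret and must never be logged would also help. `init` starts outside the hunk.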
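Review bot: `run()` in webapp.py now waits only on `self._need_stop`, so when `_run_loop()` returns early on its own (its first lines already `return 0` when `ext_srv_cfg.init()` fails) the worker thread is gone but the main thread sleeps forever in the `while` loop. Poll the thread as well: `while not self._need_stop and self._thread.is_alive():`. The value returned by `_run_loop()` is also discarded and `run()` always returns 0, so a failed start is reported to the caller as success; store the result on `self` and return it. `_run_loop` continues past the end of the hunk.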
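Review bot: `WebApp.stop()` calls `urllib.request.urlopen` with no timeout, and it is reached from the signal handler, so an unresponsive listener blocks shutdown indefinitely; pass one, e.g. `urllib.request.urlopen(url, timeout=5)`. The bare `except:` followed by `log.e('\n')` throws away the reason for the failure; `except Exception as e: log.e('can not send exit request: {}\n'.format(e))` keeps it. Because `_need_stop` is already True when the request fails, `run()` goes on to `join()` a loop that was never stopped, and later signals return immediately from `stop()`. The URL is also fixed to `http://127.0.0.1`, which presumably fails when the server listens on another address or over TLS; that cannot be confirmed from the hunk.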
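Review bot: `CatchAllHandler.get` stops the IOLoop for any client that requests `random_exit_uri`, although the only intended caller is `WebApp.stop()` on 127.0.0.1; if the secret path leaks through request logging or a proxy in front of the server, any remote user can shut the service down. Restrict the branch to loopback, `if self.request.remote_ip in ('127.0.0.1', '::1') and self.request.uri == tp_cfg().random_exit_uri:`, keeping in mind that `remote_ip` follows forwarded headers when the server runs with `xheaders` enabled. Calling `stop()` before `self.write('EXIT')` also relies on the response still being flushed in the same loop iteration; a comment explaining that ordering would help.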
diff --git a/server/www/teleport/webroot/app/model/user.py b/server/www/teleport/webroot/app/model/user.py index ac8cedc..d76f15b 100755 --- a/server/www/teleport/webroot/app/model/user.py +++ b/server/www/teleport/webroot/app/model/user.py @@ -124,13 +124,14 @@ def login(handler, username, password=None, oath_code=None, check_bind_oath=Fals _ldap_server = tp_cfg().sys.ldap.server _ldap_port = tp_cfg().sys.ldap.port _ldap_base_dn = tp_cfg().sys.ldap.base_dn + _ldap_use_ssl = tp_cfg().sys.ldap.use_ssl except: msg = 'LDAP尚未正确配置' syslog.sys_log(user_info, handler.request.remote_ip, TPE_USER_AUTH, msg) return TPE_USER_AUTH, None, msg try: - ldap = Ldap(_ldap_server, _ldap_port, _ldap_base_dn) + ldap = Ldap(_ldap_server, _ldap_port, _ldap_base_dn, _ldap_use_ssl) ret, err_msg = ldap.valid_user(user_info['ldap_dn'], password) if ret != TPE_OK: if ret == TPE_USER_AUTH:
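Review bot: `Ldap(...)` in `login()` now receives a fourth positional argument, but no change to the `Ldap` class is part of this diff, so confirm its constructor already accepts the SSL flag; otherwise every LDAP login raises TypeError inside this `try`. Whether the class verifies the server certificate when the flag is set is likewise not visible here, and without verification the bind password is still exposed to an active interceptor. The bare `except:` around the four `tp_cfg()` reads reports any error as a configuration problem; `except AttributeError:` would be narrower, assuming missing keys surface that way. `login()` starts and ends outside the hunk.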