diff --git a/webservice.go b/webservice.go
index 5e9183a..8dca00a 100644
--- a/webservice.go
+++ b/webservice.go
@@ -17,10 +17,17 @@
 	"sync"
 	"time"
 
+	"crypto/x509"
+
 	log "github.com/Sirupsen/logrus"
 	"github.com/franela/goreq"
 )
 
+var (
+	// ErrBadCAPEM 错误的 CA 文件
+	ErrBadCAPEM = errors.New("不正确的PEM文件")
+)
+
 // WebSession web session object
 type WebSession struct {
 	// AppId app id
@@ -109,10 +116,7 @@
 }
 
 // DoGet send GET request
-func (w *WebSession) DoGet(uri string, params map[string]string) (*http.Response, error) {
-	transport := w.httpConnectionPool.Get().(*http.Transport)
-	defer w.httpConnectionPool.Put(transport)
-	client := &http.Client{Transport: transport, Timeout: time.Duration(3) * time.Second}
+func (w *WebSession) DoGet(uri string, params map[string]string) (*goreq.Response, error) {
 
 	fullURL := w.BaseURL + uri
 
@@ -124,8 +128,7 @@
 		}
 	}
 	fullURL = fullURL + "?" + vl.Encode()
-	//	fmt.Printf("%v\n", full_url)
-	return client.Get(fullURL)
+	return goreq.Request{Uri: fullURL, Method: "GET"}.Do()
 }
 
 // GetTimestamp get time stamp format 20160103133455
@@ -161,14 +164,14 @@
 			TLSClientConfig:     &tls.Config{InsecureSkipVerify: b},
 			TLSHandshakeTimeout: time.Duration(1) * time.Second,
 			Dial: func(network, addr string) (net.Conn, error) {
-				default_timeout := time.Duration(1) * time.Second
-				return net.DialTimeout(network, addr, default_timeout)
+				defaultTimeout := time.Duration(1) * time.Second
+				return net.DialTimeout(network, addr, defaultTimeout)
 			}}
 	} else if strings.HasPrefix(baseurl, "http://") {
 		transport = http.Transport{MaxIdleConnsPerHost: 0,
 			Dial: func(network, addr string) (net.Conn, error) {
-				default_timeout := time.Duration(1) * time.Second
-				return net.DialTimeout(network, addr, default_timeout)
+				defaultTimeout := time.Duration(1) * time.Second
+				return net.DialTimeout(network, addr, defaultTimeout)
 			}}
 	}
 	log.Debugf("创建新连接")
@@ -230,8 +233,22 @@
 		}}}
 }
 
+// NewSessionWithCA new session ca
+func NewSessionWithCA(appID, appSecret, termID, baseURL string,
+	timeout int, ca []byte) (*WebSession, error) {
+	certs := x509.NewCertPool()
+	if !certs.AppendCertsFromPEM(ca) {
+		return nil, ErrBadCAPEM
+	}
+	if transport, ok := goreq.DefaultTransport.(*http.Transport); ok {
+		transport.TLSClientConfig = &tls.Config{RootCAs: certs}
+	}
+
+	return NewSession(appID, appSecret, termID, baseURL, timeout, true), nil
+}
+
 func (w *WebSession) getAuthToken() (string, error) {
-	type FormJson struct {
+	type FormJSON struct {
 		AppID       string `json:"app_id"`
 		TermID      string `json:"term_id"`
 		AccessToken string `json:"access_token"`
@@ -244,7 +261,6 @@
 	r, err := w.DoGet(uri, params)
 
 	if err != nil {
-		//		log.Errorf("Status = %v, err = %v\n", r.StatusCode, err)
 		return "", err
 	}
 	if r.StatusCode != 200 {
@@ -254,7 +270,7 @@
 	body, err := ioutil.ReadAll(r.Body)
 	defer r.Body.Close()
 
-	s := &FormJson{}
+	s := &FormJSON{}
 	err = json.Unmarshal(body, &s)
 	if err != nil {
 		log.Errorf("json unmarshal err %v", err)
@@ -264,7 +280,7 @@
 }
 
 func (w *WebSession) getAppAccessKey(token string) error {
-	type FormJson struct {
+	type FormJSON struct {
 		AppID      string `json:"app_id"`
 		TermID     string `json:"term_id"`
 		SessionKey string `json:"session_key"`
@@ -291,12 +307,12 @@
 	}
 	if r.StatusCode != 200 {
 		log.Errorf(" errcode = %v\n", r.StatusCode)
-		return errors.New(fmt.Sprintf("code %v", r.StatusCode))
+		return fmt.Errorf("code %v", r.StatusCode)
 	}
 
 	body, err := ioutil.ReadAll(r.Body)
 
-	s := &FormJson{}
+	s := &FormJSON{}
 	err = json.Unmarshal(body, &s)
 	if err != nil {
 		log.Errorf("json unmarshal err %v", err)
@@ -322,7 +338,7 @@
 	}
 
 	if r.StatusCode != 200 {
-		return nil, errors.New(fmt.Sprintf("Request StatusCode:%v", r.StatusCode))
+		return nil, fmt.Errorf("Request StatusCode:%v", r.StatusCode)
 	}
 
 	body, err := ioutil.ReadAll(r.Body)
@@ -350,22 +366,22 @@
 		vl.Set(k, fmt.Sprintf("%v", v))
 	}
 
-	sign_data := ""
+	signData := ""
 	for _, k := range signField {
 		if v, ok := params[k]; ok {
-			sign_data += fmt.Sprintf("%v", v)
+			signData += fmt.Sprintf("%v", v)
 		}
 	}
-	sign_data += ts + w.sessionKey
+	signData += ts + w.sessionKey
 	vl.Set("sign_method", "HMAC")
-	log.Debugf("Sign: key[%v] data[%v]\n", w.sessionKey, sign_data)
-	vl.Set("sign", w.SignWithKey(w.AppSecret, sign_data))
+	log.Debugf("Sign: key[%v] data[%v]\n", w.sessionKey, signData)
+	vl.Set("sign", w.SignWithKey(w.AppSecret, signData))
 
-	full_url := w.BaseURL + path
-	log.Debugf("CallService: %v\n", full_url)
+	fullURL := w.BaseURL + path
+	log.Debugf("CallService: %v\n", fullURL)
 	var r *goreq.Response
 	r, err = goreq.Request{
-		Uri:         full_url,
+		Uri:         fullURL,
 		Accept:      "application/json",
 		ContentType: "application/x-www-form-urlencoded",
 		Method:      "POST",
@@ -377,7 +393,7 @@
 	}
 	if r.StatusCode != 200 {
 		log.Errorf("Request Error %v\n", r.StatusCode)
-		err = errors.New(fmt.Sprintf("Request Error, StatusCode : %v", r.StatusCode))
+		err = fmt.Errorf("Request Error, StatusCode : %v", r.StatusCode)
 		return
 	}
 	if r.Body != nil {
diff --git a/webservice_test.go b/webservice_test.go
new file mode 100644
index 0000000..1bcdca2
--- /dev/null
+++ b/webservice_test.go
@@ -0,0 +1,64 @@
+package swservice
+
+import (
+	"testing"
+)
+
+const caPEM = `-----BEGIN CERTIFICATE-----
+MIID8TCCAtmgAwIBAgIJAKFBiWb1ivtAMA0GCSqGSIb3DQEBCwUAMIGOMQswCQYD
+VQQGEwJDTjELMAkGA1UECAwCU0gxETAPBgNVBAcMCFNoYW5naGFpMRIwEAYDVQQK
+DAlTdXB3aXNkb20xDDAKBgNVBAsMA1lrdDEaMBgGA1UEAwwReWt0LnN1cHdpc2Rv
+bS5jb20xITAfBgkqhkiG9w0BCQEWEnRlY2hAc3Vwd2lzZG9tLmNvbTAeFw0xNjA3
+MTQwMjU4MTBaFw0xNjA4MTMwMjU4MTBaMIGOMQswCQYDVQQGEwJDTjELMAkGA1UE
+CAwCU0gxETAPBgNVBAcMCFNoYW5naGFpMRIwEAYDVQQKDAlTdXB3aXNkb20xDDAK
+BgNVBAsMA1lrdDEaMBgGA1UEAwwReWt0LnN1cHdpc2RvbS5jb20xITAfBgkqhkiG
+9w0BCQEWEnRlY2hAc3Vwd2lzZG9tLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBANaI/Go+ysBu1pQytxyFKehHic+WCfWeFltnKJg6QczYczqqZR8K
+xpRfEOWy3srRr5K+IRASuYka5DIHyZkozisdcLH8pzBd/gKluh0PlMClOJ8nYbe/
+6LHuASPzaehLxenjg8G39A0qX3cJCo0Wo95fkzViroyMKX4wu91GYlOlMv/5PlbZ
+dtL5G2yJPuvyyG8cp7OUQjVFdfI1S3rLnwn3DDCnhsw48j8GFTbdPWbnIqG2sgW0
+K6ycTioTmvxEWjMEl+f1aodQ13FbtG84xcLOz0kcvAHzcLATKHXhs3f9jZMo62Y1
+jDjq9kmPkznv35r/Wvh94dsBPjroH15sLXUCAwEAAaNQME4wHQYDVR0OBBYEFOXs
+u68Yd29qPaSADyL9cq8T7aYOMB8GA1UdIwQYMBaAFOXsu68Yd29qPaSADyL9cq8T
+7aYOMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBADkZxo5/r82rmwKz
+A5Jba2YLWiBtjalHfpi2US8IQKva47Jb/P/TmbukdNCeaNjS8FRypaA4HM81G+tE
+mDIIL5U8KnZ3DeZA/Ql4GtWscLxs92NdNo4dNqMZyLtphEQVY4mkynygqW4koCwN
+fo6rwgTWN+kZ2Eo5i8ZPsCi2mew7vy8IK+B06toVw0picCgvhCXtVjHS4ndj52FZ
+9nNHnIoaJLxPj+UhICKH73WVJdZQEPpfB7upkBARNJ7y313wm6wh8FIA86frqKiV
+mggFtcm1X5BXnYYe9p+3+e5qQK2hkiZuRKzjAaIwzww5oI5QMHLkyDa1Mhn87w2v
+9HSYpIA=
+-----END CERTIFICATE-----
+
+`
+const (
+	appID     = "100001"
+	appSecret = "3072a87ece234b728b519ded8dd152b1"
+	termID    = "1020303"
+)
+
+func T1estUseHTTP(t *testing.T) {
+	uri := "http://vb-docker:8443/epayapi/services"
+	session := NewSession(appID, appSecret, termID, uri, 3, true)
+	err := session.Auth()
+	if err != nil {
+		t.Errorf("Auth Error: %v", err)
+	}
+}
+
+func TestUseHTTPS(t *testing.T) {
+	uri := "https://vb-docker:8443/epayapi/services"
+	session, err := NewSessionWithCA(appID, appSecret, termID, uri, 3, []byte(caPEM))
+	if err != nil {
+		t.Error("New Session , ", err)
+		return
+	}
+	err = session.Auth()
+	if err != nil {
+		t.Errorf("Auth Error: %v", err)
+		return
+	}
+}
+
+func TestUseSecureHTTPS(t *testing.T) {
+
+}