diff --git a/doc-src/_nav.html b/doc-src/_nav.html
index b256f47f5..6dfbaba57 100644
--- a/doc-src/_nav.html
+++ b/doc-src/_nav.html
@@ -26,6 +26,7 @@
         $!nav("certinstall/firefox.html", this, state)!$
         $!nav("certinstall/ios.html", this, state)!$
         $!nav("certinstall/ios-simulator.html", this, state)!$
+        $!nav("certinstall/java.html", this, state)!$
         $!nav("certinstall/osx.html", this, state)!$
         $!nav("certinstall/windows7.html", this, state)!$
 
diff --git a/doc-src/certinstall/index.py b/doc-src/certinstall/index.py
index 3f145fbc6..ebdc730f2 100644
--- a/doc-src/certinstall/index.py
+++ b/doc-src/certinstall/index.py
@@ -7,4 +7,5 @@ pages = [
     Page("ios.html", "IOS"),
     Page("ios-simulator.html", "IOS Simulator"),
     Page("android.html", "Android"),
+    Page("java.html", "Java"),
 ]
diff --git a/doc-src/certinstall/java.html b/doc-src/certinstall/java.html
new file mode 100644
index 000000000..f64209910
--- /dev/null
+++ b/doc-src/certinstall/java.html
@@ -0,0 +1,13 @@
+
+You can add the mitmproxy certificates to the Java trust store using
+[keytool](http://docs.oracle.com/javase/6/docs/technotes/tools/solaris/keytool.html).
+On OSX, the required command looks like this:
+
+<pre class="terminal">
+sudo keytool -importcert -alias mitmproxy -storepass "password" \
+-keystore /System/Library/Java/Support/CoreDeploy.bundle/Contents/Home/lib/security/cacerts \
+-trustcacerts -file ~/.mitmproxy/mitmproxy-ca-cert.pem
+</pre>
+
+Note that your store password will (hopefully) be different from the one above.
+