diff --git a/lambdainst/openvpn.py b/lambdainst/openvpn.py
index b13997b..3b44d60 100644
--- a/lambdainst/openvpn.py
+++ b/lambdainst/openvpn.py
@@ -1,3 +1,5 @@
+import json
+import uuid
 from django.utils.translation import ugettext as _
 from django.conf import settings
 
@@ -10,6 +12,7 @@ CONFIG_OS = (
     ('ubuntu', _("Ubuntu")),
     ('osx', _("OS X")),
     ('ios', _("iOS")),
+    ('chromeos', _("Chrome OS")),
     ('freebox', _("Freebox")),
     ('other', _("Other / GNU/Linux")),
 )
@@ -21,7 +24,45 @@ PROTOCOLS = (
 )
 
 
-def make_config(gw_name, os, protocol, http_proxy=None, ipv6=True):
+def _make_onc(username, name, hostname, port, protocol, http_proxy=None, ipv6=True):
+    cert_id = '{%s}' % uuid.uuid4()
+    vpn_id = '{%s}' % uuid.uuid4()
+
+    openvpn_config = {
+        'ServerCARef': cert_id,
+        'ClientCertType': 'None',
+        'CompLZO': 'true',
+        'Port': port,
+        'Proto': protocol,
+        'ServerPollTimeout': 10,
+        'NsCertType': 'server',
+        'Username': username,
+    }
+    cert = {
+        'GUID': cert_id,
+        'Type': 'Authority',
+        'X509': CA_CERT.strip().replace('\n', '\\n'),
+    }
+    vpn = {
+        'GUID': vpn_id,
+        'Name': name,
+        'Type': 'VPN',
+        'VPN': {
+            'Type': 'OpenVPN',
+            'Host': hostname,
+            'OpenVPN': openvpn_config,
+        },
+    }
+
+    return json.dumps({
+        'type': 'UnencryptedConfiguration',
+        'Certificates': [cert],
+        'NetworkConfigurations': [vpn],
+    }, indent=2)
+
+
+def make_config(username, gw_name, os, protocol, http_proxy=None, ipv6=True):
+
     use_frag = protocol == 'udpl' and os != 'ios'
     ipv6 = ipv6 and (os != 'freebox')
     http_proxy = http_proxy if protocol == 'tcp' else None
@@ -31,9 +72,18 @@ def make_config(gw_name, os, protocol, http_proxy=None, ipv6=True):
     openvpn_ports = {'udp': 1196,  'udpl': 1194,  'tcp': 443}
 
     hostname = 'gw.%s.204vpn.net' % gw_name
+    port = openvpn_ports[protocol]
+    proto = openvpn_proto[protocol]
+
+    if os == 'chromeos':
+        name = "CCrypto VPN"
+        if gw_name != 'random':
+            name += " " + gw_name.upper()
+        return _make_onc(username, name, hostname, port, proto, http_proxy, ipv6)
+
     remote = str(hostname)
-    remote += ' ' + str(openvpn_ports[protocol])
-    remote += ' ' + openvpn_proto[protocol]
+    remote += ' ' + str(port)
+    remote += ' ' + proto
 
     config = """\
 # +----------------------------+
diff --git a/lambdainst/views.py b/lambdainst/views.py
index c316d7e..0252cd2 100644
--- a/lambdainst/views.py
+++ b/lambdainst/views.py
@@ -305,9 +305,12 @@ def config(request):
 def config_dl(request):
     allowed_cc = [cc for (cc, _) in get_locations()]
 
+    os = request.GET.get('client_os')
+
     common_options = {
+        'username': request.user.username,
         'protocol': request.GET.get('protocol'),
-        'os': request.GET.get('client_os'),
+        'os': os,
         'http_proxy': request.GET.get('http_proxy'),
         'ipv6': 'enable_ipv6' in request.GET,
     }
@@ -327,7 +330,10 @@ def config_dl(request):
         z = zipfile.ZipFile(f, mode='w')
 
         for gw_name in allowed_cc + ['random']:
-            filename = 'ccrypto-%s-%s.ovpn' % (gw_name, protocol)
+            if os == 'chromeos':
+                filename = 'ccrypto-%s-%s.onc' % (gw_name, protocol)
+            else:
+                filename = 'ccrypto-%s-%s.ovpn' % (gw_name, protocol)
             config = openvpn.make_config(gw_name=gw_name, **common_options)
             z.writestr(filename, config.encode('utf-8'))
 
@@ -342,15 +348,21 @@ def config_dl(request):
             gw_name = location[3:]
         else:
             gw_name = 'random'
-        filename = 'ccrypto-%s-%s.ovpn' % (gw_name, protocol)
+        if os == 'chromeos':
+            filename = 'ccrypto-%s-%s.onc' % (gw_name, protocol)
+        else:
+            filename = 'ccrypto-%s-%s.ovpn' % (gw_name, protocol)
 
         config = openvpn.make_config(gw_name=gw_name, **common_options)
 
         if 'plain' in request.GET:
             return HttpResponse(content=config, content_type='text/plain')
         else:
-            r = HttpResponse(content=config, content_type='application/x-openvpn-profile')
-            r['Content-Disposition'] = 'attachment; filename="%s.ovpn"' % filename
+            if os == 'chromeos':
+                r = HttpResponse(content=config, content_type='application/x-onc')
+            else:
+                r = HttpResponse(content=config, content_type='application/x-openvpn-profile')
+            r['Content-Disposition'] = 'attachment; filename="%s"' % filename
             return r
 
 
diff --git a/pages/help.en.md b/pages/help.en.md
index 80a5344..75f6f69 100644
--- a/pages/help.en.md
+++ b/pages/help.en.md
@@ -8,6 +8,7 @@ Title: Guides
   <li><a href="/page/install-windows"><i class="fa fa-windows fa-5x"></i> Windows</a></li>
   <li><a href="/page/install-gnulinux"><i class="fa fa-linux fa-5x"></i> GNU/Linux</a></li>
   <li><a href="/page/install-osx"><i class="fa fa-apple fa-5x"></i> OS X</a></li>
+  <li><a href="/page/install-chromeos"><i class="fa fa-chrome fa-5x"></i> Chromebook</a></li>
 </ul>
 
 ## Support
diff --git a/pages/help.fr.md b/pages/help.fr.md
index cb79ba6..29291f1 100644
--- a/pages/help.fr.md
+++ b/pages/help.fr.md
@@ -7,6 +7,7 @@ Title: Guides
   <li><a href="/page/install-windows"><i class="fa fa-windows fa-5x"></i> Windows</a></li>
   <li><a href="/page/install-gnulinux"><i class="fa fa-linux fa-5x"></i> GNU/Linux</a></li>
   <li><a href="/page/install-osx"><i class="fa fa-apple fa-5x"></i> OS X</a></li>
+  <li><a href="/page/install-chromeos"><i class="fa fa-chrome fa-5x"></i> Chromebook</a></li>
 </ul>
 
 ## Support
diff --git a/pages/install-chromeos.en.md b/pages/install-chromeos.en.md
new file mode 100644
index 0000000..fd56ddb
--- /dev/null
+++ b/pages/install-chromeos.en.md
@@ -0,0 +1,23 @@
+Title: Install on Chrome OS
+
+1. Download the .onc file needed in [your account](/account/config). Select
+  Chrome OS as the target OS.
+
+2. Go to <chrome://net-internals/#chromeos>, "ChromeOS" section, and import the downloaded file.
+  It won't display any confirmation; don't worry, it should have imported it anyway.
+
+    <img src="/static/pageimg/install_chromeos_1_arrows.png" alt="screenshot" />
+
+3. Open the Chrome OS Settings, click on Private Network (under Ethernet and Wi-Fi),
+  and select CCrypto VPN.
+
+    <img src="/static/pageimg/install_chromeos_2.png" alt="screenshot" />
+
+4. Then click the Connect button, enter your password, and Connect again.
+
+    <img src="/static/pageimg/install_chromeos_3.png" alt="screenshot" />
+
+5. Wait a few seconds and it should be connected.
+
+    <img src="/static/pageimg/install_chromeos_4.png" alt="screenshot" />
+
diff --git a/pages/install-chromeos.fr.md b/pages/install-chromeos.fr.md
new file mode 100644
index 0000000..ee6f45e
--- /dev/null
+++ b/pages/install-chromeos.fr.md
@@ -0,0 +1,24 @@
+Title: Install on Chrome OS
+
+1. Téléchargez le fichier .onc requis dans [votre compte](/account/config), en choisissant
+  Chrome OS comme OS.
+
+2. Allez sur <chrome://net-internals/#chromeos>, partie ChromeOS, et importez le fichier téléchargé.
+  Aucun message ne sera affiché, mais il devrait avoir été importé quand même.
+
+    <img src="/static/pageimg/install_chromeos_1_arrows.png" alt="screenshot" />
+
+3. Ouvrez les options de Chrome OS, cliquez sur Private Network (en dessous de Ethernet et Wi-Fi),
+  et sélectionnez CCrypto VPN.
+
+    <img src="/static/pageimg/install_chromeos_2.png" alt="screenshot" />
+
+4. Cliquez ensuite sur le bouton Connect, entrez votre mot de passe, et appuyez sur Connect
+  à nouveau.
+
+    <img src="/static/pageimg/install_chromeos_3.png" alt="screenshot" />
+
+5. Attendez quelques secondes et le VPN devrait être connecté.
+
+    <img src="/static/pageimg/install_chromeos_4.png" alt="screenshot" />
+
diff --git a/static/pageimg/install_chromeos_1.png b/static/pageimg/install_chromeos_1.png
new file mode 100644
index 0000000..a741242
Binary files /dev/null and b/static/pageimg/install_chromeos_1.png differ
diff --git a/static/pageimg/install_chromeos_1_arrows.png b/static/pageimg/install_chromeos_1_arrows.png
new file mode 100644
index 0000000..c823a1e
Binary files /dev/null and b/static/pageimg/install_chromeos_1_arrows.png differ
diff --git a/static/pageimg/install_chromeos_2.png b/static/pageimg/install_chromeos_2.png
new file mode 100644
index 0000000..e2f61f2
Binary files /dev/null and b/static/pageimg/install_chromeos_2.png differ
diff --git a/static/pageimg/install_chromeos_3.png b/static/pageimg/install_chromeos_3.png
new file mode 100644
index 0000000..069c125
Binary files /dev/null and b/static/pageimg/install_chromeos_3.png differ
diff --git a/static/pageimg/install_chromeos_4.png b/static/pageimg/install_chromeos_4.png
new file mode 100644
index 0000000..494b2e7
Binary files /dev/null and b/static/pageimg/install_chromeos_4.png differ