diff --git a/source/applepay-test-certificate-chain.tar b/source/applepay-test-certificate-chain.tar
new file mode 100644
index 00000000..0547bb00
Binary files /dev/null and b/source/applepay-test-certificate-chain.tar differ
diff --git a/source/index.html.md b/source/index.html.md
index 2130e58e..e3b0527b 100644
--- a/source/index.html.md
+++ b/source/index.html.md
@@ -846,6 +846,11 @@ a payment token:
   <b>Notice:</b> An authorization made with <code>applepay</code> cannot be a
   subsequent-in-series authorization.
   <br />
+  <b>Notice:</b> In production, the Apple Pay token's signature is checked
+  against Apple's certificate chain. For the test system, we use
+  <a href="applepay-test-certificate-chain.tar">a self-generated certificate
+  chain</a> (includes a client certificate and key for your convenience).
+  <br />
   <b>Notice:</b> Clients using <code>applepay[raw]</code> are responsible for
   verifying the payment token's signature, decrypting the token's payment data,
   validating the format of the fields in the payment data, etc. The procedure