diff --git a/README.md b/README.md
index d33563a..80358ce 100644
--- a/README.md
+++ b/README.md
@@ -50,6 +50,8 @@ On Linux, install `certutil`
 sudo apt install libnss3-tools
     -or-
 sudo yum install nss-tools
+    -or-
+sudo pacman -S nss
 ```
 and install using [Linuxbrew](http://linuxbrew.sh/).
 
@@ -87,7 +89,7 @@ mkcert supports the following root stores:
 * macOS system store
 * Windows system store
 * Linux variants that provide either
-    * `update-ca-trust` (Fedora, RHEL, CentOS) or
+    * `update-ca-trust` (Fedora, RHEL, CentOS, Arch) or
     * `update-ca-certificates` (Ubuntu, Debian)
 * Firefox (macOS and Linux only)
 * Chrome and Chromium
diff --git a/truststore_linux.go b/truststore_linux.go
index 779b914..788b144 100644
--- a/truststore_linux.go
+++ b/truststore_linux.go
@@ -24,16 +24,15 @@ var (
 )
 
 func init() {
-	_, err := os.Stat("/etc/pki/ca-trust/source/anchors/")
-	if err == nil {
+	if pathExists("/etc/pki/ca-trust/source/anchors/") {
 		SystemTrustFilename = "/etc/pki/ca-trust/source/anchors/mkcert-rootCA.pem"
 		SystemTrustCommand = []string{"update-ca-trust", "extract"}
-	} else {
-		_, err = os.Stat("/usr/local/share/ca-certificates/")
-		if err == nil {
-			SystemTrustFilename = "/usr/local/share/ca-certificates/mkcert-rootCA.crt"
-			SystemTrustCommand = []string{"update-ca-certificates"}
-		}
+	} else if pathExists("/usr/local/share/ca-certificates/") {
+		SystemTrustFilename = "/usr/local/share/ca-certificates/mkcert-rootCA.crt"
+		SystemTrustCommand = []string{"update-ca-certificates"}
+	} else if pathExists("/etc/ca-certificates/trust-source/anchors/") {
+		SystemTrustFilename = "/etc/ca-certificates/trust-source/anchors/mkcert-rootCA.crt"
+		SystemTrustCommand = []string{"trust", "extract-compat"}
 	}
 	if SystemTrustCommand != nil {
 		_, err := exec.LookPath(SystemTrustCommand[0])
@@ -43,6 +42,11 @@ func init() {
 	}
 }
 
+func pathExists(path string) bool {
+	_, err := os.Stat(path)
+	return err == nil
+}
+
 func (m *mkcert) installPlatform() bool {
 	if SystemTrustCommand == nil {
 		log.Printf("Installing to the system store is not yet supported on this Linux 😣 but %s will still work.", NSSBrowsers)