diff --git a/docker-compose.env.example b/docker-compose.env.example
index 51332437d..d939a327a 100644
--- a/docker-compose.env.example
+++ b/docker-compose.env.example
@@ -16,6 +16,7 @@
 # different from PAPERLESS_OCR_LANGUAGE (default=eng), which defines the
 # default language used when guessing the language from the OCR output.
 # PAPERLESS_OCR_LANGUAGES=deu ita
+# PAPERLESS_USE_SSL=false
 
 # You can change the default user and group id to a custom one
 # USERMAP_UID=1000
diff --git a/docs/setup.rst b/docs/setup.rst
index ed9a0b49f..288ca7405 100644
--- a/docs/setup.rst
+++ b/docs/setup.rst
@@ -193,6 +193,11 @@ Docker Method
      container and thus the one of the consumption directory. Furthermore, you
      can change the id of the default user as well using ``USERMAP_UID``.
 
+  ``USE_SSL``
+    If you want Paperless to use SSL for the user interface, set this variable
+    to ``true``. You also need to copy your certificate and key to the ``data``
+    directory, named ``ssl.cert`` and ``ssl.key``.
+
 6. Run ``docker-compose up -d``. This will create and start the necessary
    containers.
 7. To be able to login, you will need a super user. To create it, execute the
@@ -206,7 +211,8 @@ Docker Method
    e-mail address and finally a password.
 8. The default ``docker-compose.yml`` exports the webserver on your local port
    8000. If you haven't adapted this, you should now be able to visit your
-   `Paperless webserver`_ at ``http://127.0.0.1:8000``. You can login with the
+   `Paperless webserver`_ at ``http://127.0.0.1:8000`` (or 
+   ``https://127.0.0.1:8000`` if you enabled SSL). You can login with the
    user and password you just created.
 9. Add files to consumption directory the way you prefer to. Following are two
    possible options:
diff --git a/scripts/docker-entrypoint.sh b/scripts/docker-entrypoint.sh
index 14f431b64..df629554a 100644
--- a/scripts/docker-entrypoint.sh
+++ b/scripts/docker-entrypoint.sh
@@ -101,8 +101,14 @@ if [[ "$1" != "/"* ]]; then
 
     if [[ "$1" = "gunicorn" ]]; then
         shift
+        EXTRA_PARAMS=""
+        SSL_KEY_PATH="/usr/src/paperless/data/ssl.key"
+        SSL_CERT_PATH="/usr/src/paperless/data/ssl.cert"
+        if [ "${PAPERLESS_USE_SSL}" = "true" ] && [ -f "${SSL_KEY_PATH}" ] && [ -f "${SSL_CERT_PATH}" ]; then
+            EXTRA_PARAMS="--certfile=${SSL_CERT_PATH} --keyfile=${SSL_KEY_PATH}"
+        fi
         cd /usr/src/paperless/src/ && \
-            exec sudo -HEu paperless /usr/bin/gunicorn -c /usr/src/paperless/gunicorn.conf "$@" paperless.wsgi
+            exec sudo -HEu paperless /usr/bin/gunicorn -c /usr/src/paperless/gunicorn.conf ${EXTRA_PARAMS} "$@" paperless.wsgi
     else
         exec sudo -HEu paperless "/usr/src/paperless/src/manage.py" "$@"
     fi