diff --git a/include/polarssl/error.h b/include/polarssl/error.h
index 889e4bebc..4c9ef7c47 100644
--- a/include/polarssl/error.h
+++ b/include/polarssl/error.h
@@ -73,19 +73,20 @@
  * PBKDF2    1  0x007C-0x007C
  *
  * High-level module nr (3 bits - 0x1...-0x8...)
- * Name     ID  Nr of Errors
- * PEM      1   9
- * PKCS#12  1   4 (Started from top)
- * X509     2   25
- * PK       2   3 (Started from top)
- * DHM      3   6
- * PKCS5    3   4 (Started from top)
- * RSA      4   9
- * ECP      4   4 (Started from top)
- * MD       5   4
- * CIPHER   6   5
- * SSL      6   6 (Started from top)
- * SSL      7   31
+ * Name      ID  Nr of Errors
+ * PEM       1   9
+ * PKCS#12   1   4 (Started from top)
+ * X509      2   25
+ * PK        2   3 (Started from top)
+ * DHM       3   6
+ * PKCS5     3   4 (Started from top)
+ * RSA       4   9
+ * ECP       4   4 (Started from top)
+ * MD        5   4
+ * X509WRITE 5   3 (Started from top)
+ * CIPHER    6   5
+ * SSL       6   6 (Started from top)
+ * SSL       7   31
  *
  * Module dependent error code (5 bits 0x.08.-0x.F8.)
  */
diff --git a/include/polarssl/x509write.h b/include/polarssl/x509write.h
index c95172f57..2933b2f5c 100644
--- a/include/polarssl/x509write.h
+++ b/include/polarssl/x509write.h
@@ -31,9 +31,10 @@
 
 #include "rsa.h"
 
-#define POLARSSL_ERR_X509_WRITE_UNKNOWN_OID             -1
-#define POLARSSL_ERR_X509_WRITE_BAD_INPUT_DATA          -1
-#define POLARSSL_ERR_X509_WRITE_MALLOC_FAILED           -1
+#define POLARSSL_ERR_X509WRITE_UNKNOWN_OID                -0x5F80  /**< Requested OID is unknown. */
+#define POLARSSL_ERR_X509WRITE_BAD_INPUT_DATA             -0x5F00  /**< Failed to allocate memory. */
+#define POLARSSL_ERR_X509WRITE_MALLOC_FAILED              -0x5E80  /**< Failed to allocate memory. */
+
 
 #ifdef __cplusplus
 extern "C" {
diff --git a/library/error.c b/library/error.c
index 0ea3c297c..86586dde2 100644
--- a/library/error.c
+++ b/library/error.c
@@ -149,6 +149,10 @@
 #include "polarssl/x509.h"
 #endif
 
+#if defined(POLARSSL_X509_WRITE_C)
+#include "polarssl/x509write.h"
+#endif
+
 #if defined(POLARSSL_XTEA_C)
 #include "polarssl/xtea.h"
 #endif
@@ -251,7 +255,7 @@ void polarssl_strerror( int ret, char *buf, size_t buflen )
         if( use_ret == -(POLARSSL_ERR_PK_MALLOC_FAILED) )
             snprintf( buf, buflen, "PK - Memory alloation failed" );
         if( use_ret == -(POLARSSL_ERR_PK_TYPE_MISMATCH) )
-            snprintf( buf, buflen, "PK - Type mismatch, eg attempt to use a RSA key as EC, or to modify key type" );
+            snprintf( buf, buflen, "PK - Type mismatch, eg attempt to encrypt with an ECDSA key" );
         if( use_ret == -(POLARSSL_ERR_PK_BAD_INPUT_DATA) )
             snprintf( buf, buflen, "PK - Bad input parameters to function" );
 #endif /* POLARSSL_PK_C */
@@ -432,6 +436,15 @@ void polarssl_strerror( int ret, char *buf, size_t buflen )
             snprintf( buf, buflen, "X509 - Elliptic curve is unsupported (only NIST curves are supported)" );
 #endif /* POLARSSL_X509_PARSE_C */
 
+#if defined(POLARSSL_X509_WRITE_C)
+        if( use_ret == -(POLARSSL_ERR_X509WRITE_UNKNOWN_OID) )
+            snprintf( buf, buflen, "X509WRITE - Requested OID is unknown" );
+        if( use_ret == -(POLARSSL_ERR_X509WRITE_BAD_INPUT_DATA) )
+            snprintf( buf, buflen, "X509WRITE - Failed to allocate memory" );
+        if( use_ret == -(POLARSSL_ERR_X509WRITE_MALLOC_FAILED) )
+            snprintf( buf, buflen, "X509WRITE - Failed to allocate memory" );
+#endif /* POLARSSL_X509_WRITE_C */
+
         if( strlen( buf ) == 0 )
             snprintf( buf, buflen, "UNKNOWN ERROR CODE (%04X)", use_ret );
     }
diff --git a/library/x509write.c b/library/x509write.c
index 0e6e4bf6a..337f4c25c 100644
--- a/library/x509write.c
+++ b/library/x509write.c
@@ -105,7 +105,7 @@ int x509write_csr_set_subject_name( x509_csr *ctx, char *subject_name )
                 oid = OID_AT_STATE;
             else
             {
-                ret = POLARSSL_ERR_X509_WRITE_UNKNOWN_OID;
+                ret = POLARSSL_ERR_X509WRITE_UNKNOWN_OID;
                 goto exit;
             }
 
@@ -117,7 +117,7 @@ int x509write_csr_set_subject_name( x509_csr *ctx, char *subject_name )
         {
             if( c - s > 127 )
             {
-                ret = POLARSSL_ERR_X509_WRITE_BAD_INPUT_DATA;
+                ret = POLARSSL_ERR_X509WRITE_BAD_INPUT_DATA;
                 goto exit;
             }
 
@@ -125,7 +125,7 @@ int x509write_csr_set_subject_name( x509_csr *ctx, char *subject_name )
 
             if( cur == NULL )
             {
-                ret = POLARSSL_ERR_X509_WRITE_MALLOC_FAILED;
+                ret = POLARSSL_ERR_X509WRITE_MALLOC_FAILED;
                 goto exit;
             }
 
diff --git a/scripts/generate_errors.pl b/scripts/generate_errors.pl
index 7257ae670..5b9549402 100755
--- a/scripts/generate_errors.pl
+++ b/scripts/generate_errors.pl
@@ -13,7 +13,7 @@ my @low_level_modules = ( "AES", "ASN1", "BLOWFISH", "CAMELLIA", "BIGNUM",
                           "PADLOCK", "DES", "NET", "CTR_DRBG", "ENTROPY",
                           "MD2", "MD4", "MD5", "SHA1", "SHA256", "SHA512", "GCM" );
 my @high_level_modules = ( "PEM", "X509", "DHM", "RSA", "ECP", "MD", "CIPHER", "SSL",
-                           "PK", "PKCS12", "PKCS5" );
+                           "PK", "PKCS12", "PKCS5", "X509WRITE" );
 
 my $line_separator = $/;
 undef $/;
@@ -49,6 +49,7 @@ while (my $line = <GREP>)
 
     my $define_name = $module_name;
     $define_name = "X509_PARSE" if ($define_name eq "X509");
+    $define_name = "X509_WRITE" if ($define_name eq "X509WRITE");
     $define_name = "ASN1_PARSE" if ($define_name eq "ASN1");
     $define_name = "SSL_TLS" if ($define_name eq "SSL");