diff --git a/include/mbedtls/error.h b/include/mbedtls/error.h
index 31591e2d64..7f059771d4 100644
--- a/include/mbedtls/error.h
+++ b/include/mbedtls/error.h
@@ -71,7 +71,7 @@
  * Name ID Nr of Errors
  * PEM 1 9
  * PKCS#12 1 4 (Started from top)
- * X509 2 20
+ * X509 2 24
  * PKCS5 2 4 (Started from top)
  * DHM 3 9
  * PK 3 14 (Started from top)
diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h
index a6e839281b..6efe34f29a 100644
--- a/include/mbedtls/x509.h
+++ b/include/mbedtls/x509.h
@@ -76,6 +76,10 @@
 #define MBEDTLS_ERR_X509_ALLOC_FAILED -0x2880 /**< Allocation of memory failed. */
 #define MBEDTLS_ERR_X509_FILE_IO_ERROR -0x2900 /**< Read/write of file failed. */
 #define MBEDTLS_ERR_X509_BUFFER_TOO_SMALL -0x2980 /**< Destination buffer is too small. */
+#define MBEDTLS_ERR_X509_INVALID_RESPONSE_STATUS -0x2A00 /**< The OCSP response status is invalid */
+#define MBEDTLS_ERR_X509_INVALID_RESPONSE_TYPE -0x2A10 /**< The OCSP response type is invalid */
+#define MBEDTLS_ERR_X509_INVALID_CERT_STATUS -0x2A20 /**< A SingleResponse in the OCSP response specifies an invalid certificate status value */
+#define MBEDTLS_ERR_X509_INVALID_CRL_REASON -0x2B00 /**< The CRLReason value is invalid */
 #define MBEDTLS_ERR_X509_FATAL_ERROR -0x3000 /**< A fatal error occured, eg the chain is too long or the vrfy callback failed. */
 /* \} name */
diff --git a/include/mbedtls/x509_crl.h b/include/mbedtls/x509_crl.h
index 18ad775e15..cf4542afab 100644
--- a/include/mbedtls/x509_crl.h
+++ b/include/mbedtls/x509_crl.h
@@ -35,8 +35,6 @@ extern "C" {
 #endif
-#define MBEDTLS_ERR_X509_CRL_INVALID_CRL_REASON -0x2B00
-
 #define MBEDTLS_X509_CRL_REASON_UNSPECIFIED 0
 #define MBEDTLS_X509_CRL_REASON_KEY_COMPROMISE 1
 #define MBEDTLS_X509_CRL_REASON_CA_COMPROMISE 2
diff --git a/include/mbedtls/x509_ocsp.h b/include/mbedtls/x509_ocsp.h
index ac9ea88c45..4c6ea72f11 100644
--- a/include/mbedtls/x509_ocsp.h
+++ b/include/mbedtls/x509_ocsp.h
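Review bot: The new values `-0x2A10` and `-0x2A20` in the x509.h hunk break the spacing every other X509 code in this table follows — all existing entries are multiples of 0x80, evidently because the low seven bits are left free for the low-level code that gets added to a high-level one, as the `return( MBEDTLS_ERR_X509_INVALID_FORMAT +` in the x509_ocsp.c hunk shows. A value such as -0x2A10 is then indistinguishable from INVALID_RESPONSE_STATUS (-0x2A00) combined with a low-level code of -0x10, and if mbedtls_strerror still splits a code at bit 7 as upstream does, its `use_ret == -(MBEDTLS_ERR_X509_INVALID_RESPONSE_TYPE)` and `..._INVALID_CERT_STATUS` comparisons in the error.c hunk can never match and the wrong message is printed. The values were carried over verbatim from the removed x509_ocsp.h definitions, so the problem predates this commit, but moving them into the shared header is the moment to fix it. The unused 0x80-aligned slots between -0x2980 and -0x3000 could be used instead, for example `#define MBEDTLS_ERR_X509_INVALID_RESPONSE_TYPE -0x2A80` and `#define MBEDTLS_ERR_X509_INVALID_CERT_STATUS -0x2B80`, with error.c updated to match. As a minor point of style, the four new Doxygen comments lack the trailing period that the surrounding entries use.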
@@ -36,10 +36,6 @@
 #include
-#define MBEDTLS_ERR_X509_OCSP_INVALID_RESPONSE_STATUS -0x2A00 /**< The OCSP response status is invalid */
-#define MBEDTLS_ERR_X509_OCSP_INVALID_RESPONSE_TYPE -0x2A10 /**< The OCSP response type is invalid */
-#define MBEDTLS_ERR_X509_OCSP_INVALID_CERT_STATUS -0x2A20 /**< A SingleResponse in the OCSP response specifies an invalid certificate status value */
-
 /* OCSP response status values as defined in RFC 6960 Section 4.2.1 */
 #define MBEDTLS_X509_OCSP_RESPONSE_STATUS_SUCCESSFUL 0
 #define MBEDTLS_X509_OCSP_RESPONSE_STATUS_MALFORMED_REQ 1
diff --git a/library/error.c b/library/error.c
index db42381c42..e41a683b18 100644
--- a/library/error.c
+++ b/library/error.c
@@ -480,6 +480,14 @@ void mbedtls_strerror( int ret, char *buf, size_t buflen )
 mbedtls_snprintf( buf, buflen, "X509 - Read/write of file failed" );
 if( use_ret == -(MBEDTLS_ERR_X509_BUFFER_TOO_SMALL) )
 mbedtls_snprintf( buf, buflen, "X509 - Destination buffer is too small" );
+ if( use_ret == -(MBEDTLS_ERR_X509_INVALID_RESPONSE_STATUS) )
+ mbedtls_snprintf( buf, buflen, "X509 - The OCSP response status is invalid" );
+ if( use_ret == -(MBEDTLS_ERR_X509_INVALID_RESPONSE_TYPE) )
+ mbedtls_snprintf( buf, buflen, "X509 - The OCSP response type is invalid" );
+ if( use_ret == -(MBEDTLS_ERR_X509_INVALID_CERT_STATUS) )
+ mbedtls_snprintf( buf, buflen, "X509 - A SingleResponse in the OCSP response specifies an invalid certificate status value" );
+ if( use_ret == -(MBEDTLS_ERR_X509_INVALID_CRL_REASON) )
+ mbedtls_snprintf( buf, buflen, "X509 - The CRLReason value is invalid" );
 if( use_ret == -(MBEDTLS_ERR_X509_FATAL_ERROR) )
 mbedtls_snprintf( buf, buflen, "X509 - A fatal error occured, eg the chain is too long or the vrfy callback failed" );
 #endif /* MBEDTLS_X509_USE_C || MBEDTLS_X509_CREATE_C */
diff --git a/library/x509_ocsp.c b/library/x509_ocsp.c
index a971c2adde..3f17950c33 100644
--- a/library/x509_ocsp.c
+++ b/library/x509_ocsp.c
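Review bot: The eight added lines in the error.c hunk look hand-written, whereas in upstream Mbed TLS this file is produced by a generator script from the Doxygen comments in the error headers; if that is still how this tree is maintained, the hunk should come from re-running the generator so the strings cannot drift from the x509.h comments (a hand edit is also silently lost the next time it runs). The message text itself does match the new header comments, so the content is not in question. mbedtls_strerror's body begins and ends outside the hunk.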
@@ -151,7 +151,7 @@ static int x509_ocsp_get_response_status( unsigned char **p,
 case MBEDTLS_X509_OCSP_RESPONSE_STATUS_UNAUTHORIZED:
 break;
 default:
- return( MBEDTLS_ERR_X509_OCSP_INVALID_RESPONSE_STATUS );
+ return( MBEDTLS_ERR_X509_INVALID_RESPONSE_STATUS );
 }
 return( 0 );
@@ -174,7 +174,7 @@ static int x509_ocsp_get_response_type( unsigned char **p,
 if( MBEDTLS_OID_CMP( MBEDTLS_OID_OCSP, resp_type ) != 0 &&
 MBEDTLS_OID_CMP( MBEDTLS_OID_OCSP_BASIC, resp_type ) != 0 )
 {
- return( MBEDTLS_ERR_X509_OCSP_INVALID_RESPONSE_TYPE );
+ return( MBEDTLS_ERR_X509_INVALID_RESPONSE_TYPE );
 }
 *p = *p + len;
@@ -459,7 +459,7 @@ static int x509_ocsp_get_crl_reason( unsigned char **p,
 case MBEDTLS_X509_CRL_REASON_AA_COMPROMISE:
 break;
 default:
- return( MBEDTLS_ERR_X509_CRL_INVALID_CRL_REASON );
+ return( MBEDTLS_ERR_X509_INVALID_CRL_REASON );
 }
 return( 0 );
@@ -565,7 +565,7 @@ static int x509_ocsp_get_cert_status( unsigned char **p,
 return( ret );
 }
 else
- return( MBEDTLS_ERR_X509_OCSP_INVALID_CERT_STATUS );
+ return( MBEDTLS_ERR_X509_INVALID_CERT_STATUS );
 if( *p != end )
 return( MBEDTLS_ERR_X509_INVALID_FORMAT +