This should add a check to make sure the server is up before connecting

certs/ocsp/renewcerts.sh

@@ -80,10 +80,23 @@ update_cert server3          "www3.wolfssl.com"                intermediate2-ca
 update_cert server4          "www4.wolfssl.com"                intermediate2-ca v3_req2 08 # REVOKED
 update_cert server5          "www5.wolfssl.com"                intermediate3-ca v3_req3 09
 
+wait_server_ready() {
+    MAX_TIMEOUT=10
+    PORT=$1
+    until nc -z localhost $PORT # Wait for openssl to be ready
+    do
+        sleep 0.05
+        if [ "$MAX_TIMEOUT" == "0" ]; then
+            break
+        fi
+        ((MAX_TIMEOUT--))
+    done
+}
 
 # Create response DER buffer for test
 openssl ocsp -port 22221 -ndays 1000 -index index-ca-and-intermediate-cas.txt -rsigner ocsp-responder-cert.pem -rkey ocsp-responder-key.pem -CA root-ca-cert.pem -partial_chain &
 PID=$!
+wait_server_ready 22221
 
 openssl ocsp -issuer ./root-ca-cert.pem -cert ./intermediate1-ca-cert.pem -url http://localhost:22221/ -respout test-response.der -noverify
 openssl ocsp -issuer ./root-ca-cert.pem -cert ./intermediate1-ca-cert.pem -url http://localhost:22221/ -respout test-response-nointern.der -no_intern -noverify
@@ -95,6 +108,7 @@ wait $PID
 # now start up a responder that signs using rsa-pss
 openssl ocsp -port 22221 -ndays 1000 -index index-ca-and-intermediate-cas.txt -rsigner ocsp-responder-cert.pem -rkey ocsp-responder-key.pem -CA root-ca-cert.pem -rsigopt rsa_padding_mode:pss &
 PID=$!
+wait_server_ready 22221
 
 openssl ocsp -issuer ./root-ca-cert.pem -cert ./intermediate1-ca-cert.pem -url http://localhost:22221/ -respout test-response-rsapss.der -noverify
 # can verify with the following command