diff --git a/scripts/openssl.test b/scripts/openssl.test
index 605946b46..55cdfaa6a 100755
--- a/scripts/openssl.test
+++ b/scripts/openssl.test
@@ -2,6 +2,10 @@
 #openssl.test
+# Enviornment variables used:
+# OPENSSL (openssl app to use)
+# OPENSSL_ENGINE_ID (engine id if any i.e. "wolfengine")
+
 CERT_DIR="$PWD/$(dirname "$0")/../certs"
 if ! test -n "$WOLFSSL_OPENSSL_TEST"; then
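Review bot: The new header comment misspells "Environment" in `# Enviornment variables used:`, and `i.e. "wolfengine"` reads as if wolfengine were the only accepted value where `e.g.` is meant. The comment could also state that OPENSSL_ENGINE_ID must be the bare engine id and that the script exits when that engine cannot be loaded, for example `# OPENSSL_ENGINE_ID (bare engine id, e.g. "wolfengine"; the test aborts if it cannot be loaded)`.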
@@ -129,17 +133,39 @@ start_openssl_server() {
 server_port=$port
 found_free_port=0
 counter=0
+
+ # If OPENSSL_ENGINE_ID has been set then check that the desired engine can
+ # be loaded successfully and error out if not. Otherwise the OpenSSL app
+ # will fall back to default engine.
+ if [ ! -z "${OPENSSL_ENGINE_ID}" ]; then
+ OUTPUT=`$OPENSSL engine -tt $OPENSSL_ENGINE_ID`
+ if [ $? != 0 ]; then
+ printf "not able to load engine\n"
+ printf "$OPENSSL engine -tt $OPENSSL_ENGINE_ID\n"
+ do_cleanup
+ exit 1
+ else
+ echo $OUTPUT | grep "available"
+ if [ $? != 0 ]; then
+ printf "engine not available\n"
+ do_cleanup
+ exit 1
+ fi
+ fi
+ OPENSSL_ENGINE_ID="-engine ${OPENSSL_ENGINE_ID}"
+ fi
+
 while [ "$counter" -lt 20 ]; do
 echo -e "\n# Trying to start $openssl_suite OpenSSL server on port $server_port..."
 echo "#"
 if [ "$cert_file" != "" ]
 then
- echo "# " $OPENSSL s_server -accept $server_port -cert $cert_file -key $key_file -quiet -CAfile $ca_file -www -dhparam ${CERT_DIR}/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe
- $OPENSSL s_server -accept $server_port -cert $cert_file -key $key_file -quiet -CAfile $ca_file -www -dhparam ${CERT_DIR}/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe &
+ echo "# " $OPENSSL s_server -accept $server_port $OPENSSL_ENGINE_ID -cert $cert_file -key $key_file -quiet -CAfile $ca_file -www -dhparam ${CERT_DIR}/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe
+ $OPENSSL s_server -accept $server_port $OPENSSL_ENGINE_ID -cert $cert_file -key $key_file -quiet -CAfile $ca_file -www -dhparam ${CERT_DIR}/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe &
 else
- echo "# " $OPENSSL s_server -accept $server_port -quiet -nocert -www -dhparam ${CERT_DIR}/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe
- $OPENSSL s_server -accept $server_port -quiet -nocert -www -dhparam ${CERT_DIR}/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe &
+ echo "# " $OPENSSL s_server -accept $server_port $OPENSSL_ENGINE_ID -quiet -nocert -www -dhparam ${CERT_DIR}/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe
+ $OPENSSL s_server -accept $server_port $OPENSSL_ENGINE_ID -quiet -nocert -www -dhparam ${CERT_DIR}/dh2048.pem -verify 10 -verify_return_error -psk $psk_hex -cipher "ALL:eNULL" $openssl_nodhe &
 fi
 server_pid=$!
 # wait to see if s_server successfully starts before continuing
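Review bot: The gate `echo $OUTPUT | grep "available"` also matches the `[ unavailable ]` status that `openssl engine -tt` prints for an engine that loads but fails to initialise, so the run can proceed on the default implementation while appearing to cover the engine; match the exact token instead, e.g. `printf '%s\n' "$OUTPUT" | grep -qF '[ available ]'`. Separately, `OPENSSL_ENGINE_ID="-engine ${OPENSSL_ENGINE_ID}"` rewrites the input variable inside start_openssl_server, so a second call (plausible given `$openssl_suite`, though the callers are outside this hunk) would probe `engine -tt -engine <id>` and most likely abort. Keep the id intact and build the option in its own variable, e.g. `openssl_engine_opt="-engine ${OPENSSL_ENGINE_ID}"`, passed in the four s_server lines. `printf "$OPENSSL engine -tt $OPENSSL_ENGINE_ID\n"` also uses environment-supplied text as the format string; `printf '%s engine -tt %s\n' "$OPENSSL" "$OPENSSL_ENGINE_ID"` avoids that. The function body starts and ends outside this hunk.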