Nothing. I don't even have a file like that. I mean the howto didn't specify from which folder I should run the command, so i ran it from /etc/racoon and from other places too. (the howto mentioned openssl.conf i tried that too)
But #locate openssl.conf only gives this one answer
After a bit of browsing i found openssl.cnf in /etc/ssl, and it indeed has a
few parts i think should work. Pasting them now:
[ req ]
default_bits = 1024
default_keyfile = privkey.pem
distinguished_name = req_distinguished_name
attributes = req_attributes
x509_extensions = v3_ca # The extentions to add to the self signed cert
[ v3_ca ]
# Extensions for a typical CA
# PKIX recommendation.
# This is what PKIX recommends but some broken software chokes on critical
#basicConstraints = critical,CA:true
# So we do this instead.
basicConstraints = CA:true
# Key usage: this is typical for a CA certificate. However since it will
# prevent it being used as an test self-signed certificate it is best
# left out by default.
# keyUsage = cRLSign, keyCertSign
# Some might want this also
# nsCertType = sslCA, emailCA
# Include email address in subject alt name: another PKIX recommendation
# Copy issuer details
# DER hex encoding of an extension: beware experts only!
# Where 'obj' is a standard or added object
# You can even override a supported extension:
# basicConstraints= critical, DER:30:03:01:01:FF
[ crl_ext ]
So i think i am missing something, but i don't know where i make that mistake.