OpenSSL: How to create a certificate with an empty subject?

Question

I need to generate certificate with empty Subject field. I have tried to use config:

[ req ]
default_bits                            = 1024                  # Size of keys
default_md                              = md5                           
algorithm
string_mask                             = nombstr               # permitted characters
#string_mask                            = pkix          # permitted characters
distinguished_name                      = req_distinguished_name
req_extensions                          = v3_req

[ policy_match ]
commonName              = optional
countryName             = optional
emailAddress            = optional

[ req_distinguished_name ]
# Variable name                         Prompt string
#-------------------------        ----------------------------------
0.organizationName                      = Organization Name (company)
organizationalUnitName                  = Organizational Unit Name (division)
localityName                            = Locality Name (city, district)
stateOrProvinceName                     = State or Province Name (full name)
countryName                             = Country Name (2 letter code)
commonName                              = Common Name (hostname, IP, or your name)
0.organizationName_default              = 
localityName_default                    = 
stateOrProvinceName_default             = 
countryName_default                     = 
emailAddress_default                    = 

[ v3_req ]
basicConstraints                        = CA:FALSE
subjectKeyIdentifier                    = hash
subjectAltName                          = critical,DNS:example3.com

But got:

Organization Name (company) []:
Organizational Unit Name (department, division) []:
Locality Name (city, district) []:
State or Province Name (full name) []:
Country Name (2 letter code) []:
Common Name (hostname, IP, or your name) []:
error, no objects specified in config file
problems making Certificate Request

I found the same problem here: https://superuser.com/questions/512673/openssl-how-to-create-a-certificate-with-an-empty-subject-dn

But no solution. When i am typing just enter (empty fields) i got this error: error, no objects specified in config file

Could you help ? How to generate CSR with empty Subject name ?

Thanks

Answer 1

I found that if I entered something for at least one of the prompts, I didn't get the error and the csr file was created.

Country Name (2 letter code) []:US                        <-- only entered this
State or Province Name (full name) []:
Locality Name (eg, city) []:
Organization Name (eg, company) []:
Organizational Unit Name (eg, section) []: 
Common Name (eg, fully qualified host name) []:
Email Address []:

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []: