X509V3_EXT_nconf_int:error in extension:crypto/x509/v3_conf.c:48:section=req_ext, name=extendedKeyUsage, value=

[Robert Moskowitz]

I have:

[ req_ext ]
basicConstraints = $ENV::basicConstraints
keyUsage = $ENV::certkeyusage
extendedKeyUsage = $ENV::certextkeyusage
subjectAltName = $ENV::subjectAltName

And sometimes I want these variables to be empty.  That is not to be 
included in the csr.

I thought that I had this working, but guess not.

How can I have is so that some csr are created with all of these and 
others only some?

thanks