LinkedIn and Let's Encrypt
Using LinkedIn's REST API and have a certificate installed from Let's Encrypt? You need to read this.
Join the DZone community and get the full member experience.Join For Free
Last night I was playing around with the LinkedIn REST API and quite by accident, I discovered something. If you have installed a Let’s Encrypt certificate on your site, LinkedIn will not read images included in your OpenGraph tags.
A little primer for my non-tech friends
Ok, for those of my readers who are not programmers, Open Graph is how sites like Facebook, Twitter, and sometimes even LinkedIn display an image, a title, and a summary of a web page automagically when all you do is share the URL. Let’s look at an example.
If you go to my recent postcard, https://blog.calevans.com/2016/05/16/postcards-life-010/, and view the source of the page, you will eventually find a section with a bunch of meta tags. Some of them will look like this.
See the “og:” there? that is your indicator that these are Open Graph tags. They give any site that pays attention vital information that otherwise, they would have to grep the HTML and attempt to infer. In the case of the tags above:
- The page’s title
- The page’s URL
- The name of the site the URL comes from
- When it was last updated
- The image to use when displaying this URL.
That last one is important as it’s the one that LinkedIn is failing on.
Developers, Start Reading Again
Browser->LinkedIn Service->LinkedIn Image Service->Browser
something is broken. Something doesn’t like Let’s Encrypt. How do I know? Let’s run a quick test.
- Open LinkedIn.com in a separate tab and if you aren’t already so, log in.
- Click the “Share an Update” button:
- Pass in this link. https://blog.calevans.com/2016/05/16/postcards-life-010/
- Notice that you see the title and the copy, but not the image. The image is blank.
- Ok, abort this update and start a new one.
- Paste in this URL https://voicesoftheelephpant.com/2016/05/10/interview-helen-housandi/
- See how the image appears? That is what is supposed to happen.
- You can abort this update now as well. (Or post it, it’s a good interview.)
Voices of the ElePHPant has a different cert because Apple doesn’t like Let’s Encrypt either.
If posting to LinkedIn is important to you – and it is not to me – then do not use a Let’s Encrypt certificate. Get you a cheap one from ssls.com.
Published at DZone with permission of Cal Evans, DZone MVB. See the original article here.
Opinions expressed by DZone contributors are their own.