I'm still guessing, so you might want to contract someone with devops or web-server admin experience. My best guess is that in following those instructions, you created a cert for the domain-name, not a generic TLS certificate. Such a cert will not work for requests to that machine other than one to the domain-name the cert is for. A simple way to verify this would be to only connect via that domain-name, even when on local.
- Your machine must have a valid DNS address in order to have a valid SSL certificate. Certificates typically aren’t granted for bare IP addresses because it’s a lot harder to prove that you own/control a bare IP address.
If that's the case, then you still should be able to connect just fine:
➜ ~ cypher-shell -a --debug true neo4j+s://graph.mydomain.com:7687
(you may need to add an entry to your hosts file: 10.116.0.3 graph.mydomain.com)
If that's not the case, and your cert is not locked to the domain-name:
Since you're connecting via cypher-shell, I'd try it with --debug true:
➜ ~ cypher-shell -a --debug true neo4j+s://10.116.0.3:7687
Next, you'll need to test the TLS handshake:
openssl s_client -crlf -connect 10.116.0.3:7687
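The name-binding guess in the reply above can be checked offline. This is an added example, not part of the original reply: it builds a constructed self-signed certificate whose only subjectAltName is DNS:graph.mydomain.com and asks OpenSSL whether that certificate covers the hostname and the IP used in the post. It assumes OpenSSL 1.1.1 or later; the function names `make_sample_cert` and `cert_covers` and the sample certificate are illustrative.

```sh
#!/bin/sh
# Added example. Assumes OpenSSL 1.1.1+ on PATH (for -addext and -ext).

# Constructed sample: a throwaway self-signed cert whose only SAN is a DNS
# name, standing in for a cert issued for the domain name.
make_sample_cert() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
    -subj "/CN=graph.mydomain.com" \
    -addext "subjectAltName=DNS:graph.mydomain.com" \
    -keyout "$1/sample.key" -out "$1/sample.crt" 2>/dev/null
}

# cert_covers CERT TARGET
# Prints "match" or "no-match"; returns 2 if openssl could not evaluate the cert.
cert_covers() {
  case "$2" in
    *:*)       flag=-checkip ;;    # IPv6 literal
    *[!0-9.]*) flag=-checkhost ;;  # anything beyond digits and dots: DNS name
    *)         flag=-checkip ;;    # digits and dots only: IPv4 literal
  esac
  out=$(openssl x509 -in "$1" -noout "$flag" "$2" 2>&1) || true
  case "$out" in
    *"does match certificate"*)     echo match ;;
    *"does NOT match certificate"*) echo no-match ;;
    *) echo "openssl error: $out" >&2; return 2 ;;
  esac
}

# Demo: the same cert checked against the two addresses used in the post.
tmp=$(mktemp -d)
make_sample_cert "$tmp"
openssl x509 -in "$tmp/sample.crt" -noout -ext subjectAltName
for target in graph.mydomain.com 10.116.0.3; do
  printf '%-20s %s\n' "$target" "$(cert_covers "$tmp/sample.crt" "$target")"
done
rm -rf "$tmp"
```

Pointing `cert_covers` at the certificate file configured for the server instead of the sample shows whether it is bound to the domain name only: `match` for the name and `no-match` for the IP means clients must connect by name.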