So there are two aspects of SSL to consider.  1) The encryption of the connection 2) The validation of the identity of the server you are connecting to. 

In your case you have activated SSL and achieved 1 - arguably it is 'secure' in the sense that people listening on the network will not be able to see the data - but in order for a browser to validate the identity, 2, there are a further two considerations. 

A) Does the 'common name' or CN match the URL that the user entered - so in your case I can see the certificate has a CN of "www.example.com" which won't be the URL, especially when accessing via IP, so best to get a DNS record assigned to point to your application and then create a certificate against that name. There is also B) who issued the certificate - browsers check with 3rd parties to understand who issued the certificate - as this is another mechanism to validate the identity of the server - in your case it appears you have issued the certificate yourself, sometimes called a 'self signed' certificate.  So the browser cannot validate it.  You can get a browser to trust it, but this will be hard to scale if you have external people trying to access, so better to get a certificate (with the correct name) from a recognised authority.  Thankfully there are free options for this these days.

This can be a tricky topic to understand, but I hope I have explained some of the basics, this is a good resource to learn more including steps on how to obtain certificates: https://support.google.com/domains/answer/7630973?hl=en-GB