OK so its 100% certificate based with Perl, if I set this to 0 then it works fine
$server->set_server_cert_verification(1);
I tried adding the root and subordinate certs to the PEM file for Mozilla as part of perl, which is in "C:\Program Files\NetApp\WFA\Perl64\lib\Mozilla\CA". This hasn't helped, I'm assuming there is another part to this to get the CA certs into the Perl runtime.
The WFA host itself has no issues connecting to the cluster management LIF cert, it's all fine. So it's 100% the Perl runtime and it's ability to accept the cert, what I dont understand is under normal conditions you would have self assigned certificates on the cluster managment LIF - I fail to see how this works out the box. Perhaps this can be taken up with engineering or a higher level? Is it possible something has changed in regards to certificates in the latest versions on WFA and Perl, I'm running the following version of Perl with 5.1.3212 Work Flow Automation.
PS C:\Windows\system32> perl -version
This is perl 5, version 26, subversion 3 (v5.26.3) built for MSWin32-x64-multi-thread
(with 2 registered patches, see perl -V for more detail)
Copyright 1987-2018, Larry Wall
Binary build 2603 [e95bda1d] NetApp provided by ActiveState http://www.ActiveState.com
Built May 29 2019 22:07:02
Perl may be copied only under the terms of either the Artistic License or the
GNU General Public License, which may be found in the Perl 5 source kit.
Complete documentation for Perl, including FAQ lists, should be found on
this system using "man perl" or "perldoc perl". If you have access to the
Internet, point your browser at http://www.perl.org/, the Perl Home Page.