It probably depends on the host
See my update to the earlier node
lease note that the Lets Encrypt certificates that are automagically renewed are the certificates that allow people to securely connect to your shared host under your domain name(s). That's separate from the CA store on the server, which is the list of certificates that your perl scripts will use to determine if a machine they connect to have a valid certificate or not.
I hadn't realised that when the problem first appeared. I had sort of worked it out but it is certainly helpful that you explicitly pointed it out. Many thanks.