The request you're creating isn't actually using url encoding, perhaps because you're working too hard at it by supplying your own headers. To see what I mean, add   print $req->as_string(); after you've created the request, and note that the form is not correctly encoded. I suspect this is causing problems on the far end. A simpler approach is to do

  use HTTP::Request::Common qw(POST);

  $req = POST 'https://asite.com:443/adir/create_user.cgi', [
            Content => "<User>John.Doe</User>"
        ];

  print $req->as_string();
[download]

and note the difference. The form is correctly URL encoded, and Content-length has been adjusted accordingly.

Note that once Crypt::SSLeay is installed, you don't need to use it explicitly. LWP will use it automagically when it sees 'https'. You can even leave :443 out of the URL, since it is implied by 'https'.