The "An unexpected error occurred on send" error when connecting to IIS Remote Management is caused by your local .NET Framework using deprecated TLS versions that the servers no longer support. To fix it, run these four PowerShell commands from an elevated prompt to update the .NET Framework 4.0 registry keys for both 64-bit and 32-bit environments, then restart your computer.

These changes enable strong cryptography and allow .NET to adopt the operating system's default TLS settings, typically TLS 1.2 and higher. The process requires administrative access and careful execution because it modifies the registry.

#Why This TLS Mismatch Occurs

Servers enforce current security standards by disabling legacy TLS protocols such as 1.0 and 1.1 that contain known vulnerabilities. The .NET Framework v4.0.30319 on many client machines retains older default behavior for outbound HTTPS connections. When IIS Manager attempts the remote connection, the SSL/TLS handshake cannot complete, producing the generic "on send" error. The registry values SchUseStrongCrypto and SystemDefaultTlsVersions override these defaults at the runtime level.

#Preparation Steps

  • Create a full registry backup with regedit or a System Restore point before proceeding Launch PowerShell with administrative privileges (right-click Run as administrator) Close all instances of IIS Manager and any other .NET applications that might cache TLS settings Confirm you are working on the client machine used to manage the remote IIS instance

Registry edits carry risk of application instability if performed incorrectly. The commands listed below have been tested to resolve the handshake failure on supported Windows client versions without introducing additional issues.

#Executing the Registry Updates

Open an elevated PowerShell prompt and run the following commands exactly as shown. They target the specific .NET Framework keys that control cryptographic and TLS behavior.

powershell 
New-ItemProperty "hklm:\SOFTWARE\Microsoft\.NETFramework\v4.0.30319" -Name SchUseStrongCrypto -Value 1 -PropertyType DWord
New-ItemProperty "hklm:\SOFTWARE\Microsoft\.NETFramework\v4.0.30319" -Name SystemDefaultTlsVersions -Value 1 -PropertyType DWord
New-ItemProperty "hklm:\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v4.0.30319" -Name SchUseStrongCrypto -Value 1 -PropertyType DWord
New-ItemProperty "hklm:\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v4.0.30319" -Name SystemDefaultTlsVersions -Value 1 -PropertyType DWord

The first pair configures the 64-bit runtime; the second pair applies the same settings to the 32-bit WOW64 node so that 32-bit tools also receive the updated behavior. SchUseStrongCrypto disables legacy weak crypto providers. SystemDefaultTlsVersions removes hard-coded protocol restrictions and defers to the OS Schannel settings.

#Completing the Changes

A full system restart is required after the commands complete. The .NET runtime reads these values once at process start, so simply reopening IIS Manager is not sufficient. Reboot the machine, then relaunch IIS Manager and test the remote connection to your hosting account.

#Verification Steps

  • Open regedit and confirm the four DWORD values exist and are set to 1 under the referenced paths Attempt the IIS Remote Management connection again If other .NET applications perform HTTPS calls, verify they continue to function normally

#Troubleshooting Tips

If the error remains, verify the PowerShell session was truly elevated and that no typos were introduced in the commands. On mixed 32-bit and 64-bit environments the WOW6432Node keys are essential. These settings affect all .NET 4.x applications; monitor for unexpected side effects on other software. Avoid deploying the changes on machines that must maintain legacy TLS compatibility for internal systems.

Applying these TLS configuration changes resolves the IIS Remote Management error and improves secure outbound connectivity for other .NET tools. Test the connection after rebooting and refer to additional remote management articles for further Windows server setup guidance.