Questions about UAF registration matchCriteria error

[Terese]

Hello everyone, 

I'm currently troubleshooting with the FIDO conformance tool and stuck with the same error for days and finally came here for help. 

<The error>

P-10 Register three different authenticators with the target server, and check that for each registered AAID and KeyID combo, server returns corresponding MatchCriteria in the disallowed array.

The problem is in the Server Registration part and I can't understand that the server can designate the disallowedKeyID and send it within a policy.

To me it seems like the tool already makes its own disallowedKeyIDs. How can I intercept between and send the right one so there would be no difference between the expected KeyID and the one created from my Server?

Any thoughts or experience sharing would be really apprecitated. Thanks!