If you decide to have a different config for each AMT device using UUID???.conf.xml, you need to know the UUID before hand maybe from the manufacturer. When yourconfiguration server receives the hello message, you can extract the UUID and then locate the UUID.conf.xml match.
TLS doesn't require you to use different sets of PSK and certificates. It is up to you to decide. But of course using different combinations is much more secure.
I agree with you on the second part, it is not easy to change the AMT parameters (i.e. hostname) since you also need to change the certificate. But I think Intel has a recommendation on how to handle this situation. You may refer to the "Deployment Guide" document provided by Intel.