SOA Infrastructure Startup Failure in SOA 12c

========================================================================
Applies To:
BPEL - version 12.1.3
WLS - 12.1.3
========================================================================
Problem:
SOA Infra failed to start

Error Snippet:
Caused By: java.security.UnrecoverableKeyException: Password verification
failed  at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:769)
        at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:38)
        at java.security.KeyStore.load(KeyStore.java:1185)
        at oracle.j2ee.ws.saaj.util.SSLUtil.loadKeyStore(SSLUtil.java:73)
        at oracle.j2ee.ws.saaj.util.SSLUtil.getKeyManagerFactory(SSLUtil.java:88)
        at oracle.j2ee.ws.saaj.util.SSLUtil.getKeyManagers(SSLUtil.java:97)
        at oracle.j2ee.ws.saaj.util.SSLUtil.createSSLSocketFactory(SSLUtil.java:50)
        at oracle.integration.platform.common.SSLSocketFactoryManagerImpl.getSSLSocketFac
        tory(SSLSocketFactoryManagerImpl.java:58)
        at oracle.fabric.common.wsdl.WSDLManager.init(WSDLManager.java:356)

======================================================================
Cause:
As per oracle documentation of SOA 12c- Administering Oracle SOA Suite and Oracle Business Process Management Suite, this is known issue and causes because of cwallet.sso has the SOA map
======================================================================
Resolution:
Perform one of the following actions
Delete the SOA map in cwallet.sso.
OR
Remove $DOMAIN_HOME/config/fmwconfig/default-keystore.jks
Restart the SOA Infrastructure

oracle.wsm.policymanager.PolicyManagerException: WSM-02141 : Unable to connect to the policy access service in SOA 12c(12.1.3)

========================================================================
Applies To:
BPEL - version 12.1.3
WLS - 12.1.3
========================================================================
Problem:
Today critical issue has been reported by user for SOA 12c (12.1.3) that policy manager has stopped working and while accessing WSM policy manager following error is seen,
oracle.wsm.policymanager.PolicyManagerException: WSM-02141 : Unable to connect to the policy access service

Services which uses security policies throwing below error
>>>InvalidSecurity : error in processing the WS-Security security header

Error Snippet:
oracle.wsm.policymanager.PolicyManagerException: WSM-02141 : Unable to connect to the policy access service.
at oracle.wsm.policymanager.BeanFactory.getInitialContext(BeanFactory.java:810)
at oracle.wsm.policymanager.BeanFactory.getJndiObj(BeanFactory.java:844)
at oracle.wsm.policymanager.BeanFactory.lookupJndiObj(BeanFactory.java:1175)
at oracle.wsm.policymanager.BeanFactory.getUsageTrackerBeanEJB(BeanFactory.java:1019)
at oracle.wsm.policymanager.BeanFactory.getBeanEJB(BeanFactory.java:544)

======================================================================
Cause:
As per oracle documentation of SOA 12c Fusion Middleware Securing Web Services and Managing Policies with Oracle Web Services Manager, by default WSM Policy Manager is auto-wired in the domain agents and its default targeted to the managed servers and not to the AdminServer. This means that AdminServer uses an agent to connect to the policy manager and we need to manually bind the OWSM Agent to the Policy Manager URL.
In my case listen address of MS has been changed recently and owsm-pm-connection-http and t3 shows the status as Out of Sync
======================================================================
Resolution:
1. Login to EM console
2. From the WebLogic Domain menu -> Cross Component Wiring -> Components
3. In the Components Table, select OWSM Agent
4. In the Client Configurations table, verify that the Client ID owsm-pm-connection-http reflects the correct Policy Manager URL in the Connection column and if the Status column displays Out of Sync, you need to bind the Agent to the Policy Manager.
To do so,
Select owsm-pm-connection-http in the Client Configurations table and click Bind.
In the Bind Client Configuration page, verify that the Service End Point contains the correct Policy Manager URL and click Yes.
Confirmation is displayed on the Components page and the status of the Agent is changed to Wired.
Repeat same for t3 entry as well.
5. Also verify OWSM Policy Manager if status is Published. If status is out of sync then select policy manager and click Publish.