It is possible to change the signing key used to sign an existing Release Bundle, if required. For example, a new key might be required if the original key is compromised or in cases where the responsibility for the Release Bundle moves to a different department or team in your organization.
You can change the key when creating a new version of the existing Release Bundle or when promoting the current version of the existing Release Bundle.
Distribution, however, always uses the key that was used to create the Release Bundle version.
Note
It is always possible to change the signing key for the Release Bundle using the REST APIs.