Issue upgrading my distribution's packagers - Invalid package file

I have tried upgrading some System Packages, but a window with the title ‘Technical details’ has given me this report on an invalid package file:

Invalid package file:
package python3-protonvpn-nm-lib-3.16.0-1.fc38.noarch cannot be verified and repo protonvpn-fedora-stable is GPG enabled: /var/cache/PackageKit/38/metadata/protonvpn-fedora-stable-38-x86_64/packages/python3-protonvpn-nm-lib-3.16.0-1.fc38.noarch.rpm could not be verified. /var/cache/PackageKit/38/metadata/protonvpn-fedora-stable-38-x86_64/packages/python3-protonvpn-nm-lib-3.16.0-1.fc38.noarch.rpm: Verifying a signature using certificate A88441BD4864F95BEE08E63A71EB474019940E11 (Proton Technologies AG 1. Certificiate 71EB474019940E11 invalid: certificate is not alive because: The primary key is not live because: Expired on 2022-10-28T13:52:11Z 2. Key 71EB474019940E11 invalid: key is not alive because: The primary key is not live because: Expired on 2022-10-28T13:52:11Z: digest: SIGNATURE: NOT OK

I have run sudo dnf remove to remove protonvpn, but I still run into this issue, what can I do to fix this?

It looks like you still have a dependency of protonvpn installed, python3-protonvpn-nm-lib - you can try removing that with dnf remove python3-protonvpn-nm-lib. You might want to also do rpm -qa | grep proton to see if there are any other protonvpn-y packages around, and uninstall those too.

The actual problem is outside Fedora’s control, by the looks of it - this is a third party repo whose GPG key expired. There is probably a file under /etc/yum.repos.d with a name with “proton” in it which defines that repo; you can find out what package it’s a part of with rpm -qf /etc/yum.repos.d/(filename) and remove that package too.

Of course, if you want protonvpn, this is a problem, but one Fedora can’t really solve…

As mentioned removing protonvpn is probably going to be the best option. If you still want to use protonvpn, I would recommend the version on flathub since you don’t have to deal with Protonvpn’s repo.

Protonvpn has had a history where their repos are iffy. In past distro upgrades, they would often take time to actually release the repo for the new version which led to all sorts of errors.

The version on flathub is admittedly a bit slow, but mostly fine otherwise. Note that it does not have the background functionality, so you have to open it up each you want to connect and disconnect.

Also per the official instructions, you have to use multiple commands to completely remove protonvpn. The commands below are pasted directly from official documentation from the link below.

To uninstall the official app, run:

sudo dnf remove protonvpn -y; sudo dnf autoremove -y; sudo dnf clean packages

Check if all Proton VPN packages are uninstalled:

dnf list installed | grep proton

Check if any Proton VPN folders remain on your system:

ls -ld /usr/lib/python3.*/site-packages/proton*

If any folders are found then remove them using:

sudo rm -rf /usr/lib/python3.*/site-packages/proton*

Check again that all folders are removed (see last step above).