diff --git a/scripts/pkgmeek b/scripts/pkgmeek
index 8cf6fbc..92d23e9 100755
--- a/scripts/pkgmeek
+++ b/scripts/pkgmeek
@@ -182,10 +182,10 @@ if [ "$pkg_utd" = 0 ] || [[ "$PKGMK_FORCE $PKGMK_EXTRACT_ONLY" =~ yes ]]; then
 	# Check the footprint of the built package, unless '-if' was given
 	[ "$PKGMK_IGNORE_FOOTPRINT" = "yes" ] || check_footprint
 
-fi  # Continue from here if extract and build were skipped
+	# Create signature if it doesn't already exist
+	[ -e "$PKGMK_ROOT/.signature" ] || make_signature new
 
-[ "$PKGMK_IGNORE_SIG" = "yes" ] || [ -e "$PKGMK_ROOT/.signature" ] \
-	|| make_signature new
+fi  # Continue from here if extract and build were skipped
 
 # Clean up the work directory.
 find . -maxdepth 1 -mindepth 1 -type l -delete; cleanup_work
@@ -492,9 +492,11 @@ make_signature() {
 	[ -n "$PKGMK_PRIVATEKEY" ] || PKGMK_PRIVATEKEY="$(get_repo_key secret)"
 	if [ -n "$PKGMK_PRIVATEKEY" ]; then
 		pub="/etc/ports/$(basename -s .sec "$PKGMK_PRIVATEKEY").pub"
-	else
+	elif [[ "$PKGMK_UPDATE_SIG$PKGMK_REFRESH_SIG" =~ yes ]]; then
 		error "No suitable secret key found. Specify one explicitly with '-sk'."
 		return $E_SIGNATURE
+	else
+		return 0
 	fi
 
 	# create a new .signature, or refresh an existing manifest?
@@ -526,7 +528,7 @@ make_signature() {
 			fi
 		;;
 	esac
-	[ "$1" = "new" ] && echo "signature created." || echo "signature updated."
+	[ "$1" = "new" ] && info "signature created." || info "signature updated."
 }
 
 interrupted() {