Wireless mobile ad hoc networks (MANETs) do not have centralized infrastructure and it is difficult to provide authentication services. In this paper, we apply Certificate Graph (CG) and identity-based security in designing an admission control scheme for MANETs. We first use one-hop message exchange to build CG at each mobile node. Then we select maximum clique nodes in CG as distributed Certificate Authorities (CAs). We use identity-based key agreement from pairings to protect each session. Then we prove the security by Canetti–Krawczyk (CK) model-based analysis. We demonstrate the effectiveness and feasibility of our protocol through computer simulations.