The invention relates to a three-party authentication key agreement protocol generating method based on certificates. The method is applied to a wireless network system and comprises the steps: (1) three communication parties A, B and C respectively send respective certificate to other two parties; (2) after the communication party A receives the certificates sent by the communication parties B and C, x is randomly selected as a temporary private key, the formulas that MA=(g*g<c>)*g<x> , NA1=(g)<x> and NA2=(g<c>)<x> are calculated, then the communication party A sends MA and NA1 to the communication party B, and sends MA and NA2 to the communication party C, and the processing modes of the communication parties B and C are identical with that of the communication party A; (3) after the communication party A receives the messages sent by the communication party B and the communication party C, calculation and verification are performed, if the formula is false, a protocol is stopped from operating; if the formula is successful, a session key is calculated; the modes of calculating the session keys of the communication party B and the communication party C are identical with that of the communication party A; (4) an agreement is completed. According to the three-party authentication key agreement protocol generating method based on the certificates, modular and exponent arithmetic and a hash function are used, the operation efficiency is higher, and the agreement can resist the man-in-the-middle attack, the unknown secret key sharing attack and the secret key reveal impersonation attack, so that the safety is high.