ABSTRACT The distributed paradigm as manifested in distributed networks, calls for a different way from the traditional client-server model for providing Trusted third party (TTP) services to strengthen security. Certificate Authorities (CAs) are among the most common such TTP. Generating certified keys and manage certification information (the basic functionality of a CA) in a fully distributed manner is a key challenge in the distributed IT environment. Current approaches are based on the use of trusted entities within the distributed system that constitute single points of failure and follow complex certificate management and revocation mechanisms capable of hindering their adoption in a large scale. The hardware resources cost of each distributed system member committed to realizing and maintaining such certificate authority system can be high. Furthermore, distributed CA approaches lack flexibility when it come to dynamic member behavior such as dynamic member joining or leaving the system, since they employ complex, computational intensive mechanisms for retaining the CA consistency during such activity. In this paper, we propose the combination of a distributed key generation threshold cryptography scheme along with an efficient secure certificate-based encryption scheme to provide a solution that matches the above problems. The outcome of this proposal is a distributed Threshold Certificate-Based Encryption Scheme that has no need for any centralized trusted entity to create, and split secrets or distribute keys-certificates at any point during its operating cycle. The proposed scheme has few requirements concerning certificate management due to its inherited Certificate-based Encryption features which enables the scheme's participants to use their certificates as keys and has an easy participant addition-removal mechanism to support dynamic network environments. Extending the work done in (Fournaris, 2012), in this paper the proposed distributed Certificate Authority and encryption/decryption scheme is described and analyzed, participant addition and removal mechanisms as detailed and the scheme's security and performance is discussed. Performance characterization reveals that our scheme is very efficient in terms of computational intensive and resource constraining operations like Elliptic Curve point multiplication and bi-linear pairing.