First off, it is important to note that there are two distinct methods of utilizing a certificate. By using a server-signed cert from a CA, the user will authenticate before the page loads (establishing a secure channel), allowing you to identify them. On the other hand, storing the user cert in the UserProfile implies storing the private cert - a considerably insecure approach. What specific information do you plan on keeping in the user profile for authentication purposes? If you are reading this data from UserProfile, how will the user actually authenticate? Via username and password? In that case, what is the purpose of the cert in the profile?
I personally would advise against implementing SSL within Django. A more effective approach is delegating all SSL responsibilities to Apache through a HTTP header. Provide users with a certificate that they can install in their browsers. When they connect to the site, Django can verify the certificate and extract the associated username from the request. This username can then be passed as a HTTP header to the Django app, such as HTTP_USER_NAME=some_user. Ensure that Apache removes any headers like these from the client's request. The Django App should then trust that Apache has completed the authentication process and retrieve the username. This method is successful with Nginx, and although I have not tested it with Apache, there shouldn't be any reasons why it wouldn't work; perhaps an additional apache mod may be required.
The only drawback of this approach is the potential manual effort involved in signing/sending certificates to users. However, if this operation is infrequent, it may be worth it for the security benefits it provides.
UPDATE: For guidance on implementing SSL authentication in Apache, refer to this link: . Additionally, here is a resource for configuring nginx for the same purpose: .