Did you know in Bluemix you get inbound SSL for free? It is automatically turned on and enabled for every app. All you have to do is just access your app over https instead of http.
Developers don’t need to implement SSL in their app, you just need to support HTTP and the Bluemix infrastructure will support HTTPS for you and do SSL offloading.
Additionally Bluemix supports the x-forwarded-proto header to allow developers to check with protocol requests are coming in over.
Kraken.JS is a new wonderful framework wrapper around Express for Node.JS. It includes things such as pre-canned security settings, templating, and internationalization. While Express in Node allows you to customize these type of things its not the most fun thing or exciting thing to do. While security is very important in your app why should you have to write redundant code for this. The answer is you do not have to anymore.