The Certificate Signing requests that Openfire generates now uses a key size of 1024 and 384 bit for RSA and DSA respectively. These values are currently hardcoded, but should be configurable. The default size should be increased to 2048.
Interestingly, a similar issue was raised on the site today: http://community.igniterealtime.org/message/204831#204831
Self-signed certificate generation will now produce RSA and DSA certs with a higher keysize (2048 and 1024 respectively, which is the highest value allowed by the BouncyCastles implementation). Keysizes are configurable trough the new properties cert.rsa.keysize and cert.dsa.keysize