
Java: Alternative to Certificate updates to Cacerts file every year


Every year or thrice a month we have certificate updates for our various clients.

We need to open their website and, in Chrome, view the certificate and download it as .der.

Every time, we run the keytool command and update it in cacerts on local for development and on Production for connection.

Is there a way through "Java code" that we need to download and update cacerts folder every time to prevent abrupt downtimes, or any other way to do it?


Solution

  • Yes, although you should probably ask yourself questions on why you need to. Edge cases do abound and sometimes it is simply necessary.

    There is the Keystore API and you could write some code against that as detailed here: https://www.baeldung.com/java-keystore

    You will, of course, need to ensure that correct checks and access control are in place, otherwise a bad actor could use this to modify your keystore and cause the system to permit connections to/from things it shouldn't.
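
One way to apply the KeyStore API with the checks the answer asks for, as an added example that is not code from the original answer. It assumes Java 17+, an application-specific PKCS12 truststore rather than the JDK's `cacerts`, a fingerprint confirmed with the client out of band, and a hypothetical `TRUSTSTORE_PASSWORD` environment variable.

```java
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.StandardCopyOption;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.HexFormat;

public class TrustStoreUpdater {
    // Usage: java TrustStoreUpdater <cert.der> <truststore.p12> <alias> <expected-sha256-hex>
    public static void main(String[] args) throws Exception {
        Path certFile = Path.of(args[0]);
        Path storeFile = Path.of(args[1]).toAbsolutePath();
        String alias = args[2];
        // Fingerprint the client gave you over a separate channel (assumption)
        byte[] expected = HexFormat.of().parseHex(args[3].replace(":", ""));
        String pw = System.getenv("TRUSTSTORE_PASSWORD"); // hypothetical variable name
        if (pw == null) throw new IllegalStateException("TRUSTSTORE_PASSWORD is not set");
        char[] password = pw.toCharArray();

        X509Certificate cert;
        try (InputStream in = Files.newInputStream(certFile)) {
            cert = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(in);
        }
        // Check 1: refuse any certificate whose SHA-256 fingerprint was not pre-approved
        byte[] actual = MessageDigest.getInstance("SHA-256").digest(cert.getEncoded());
        if (!MessageDigest.isEqual(actual, expected)) {
            throw new SecurityException("Fingerprint mismatch, refusing to import " + certFile);
        }
        // Check 2: refuse expired or not-yet-valid certificates
        cert.checkValidity();

        KeyStore store = KeyStore.getInstance("PKCS12");
        if (Files.exists(storeFile)) {
            try (InputStream in = Files.newInputStream(storeFile)) { store.load(in, password); }
        } else {
            store.load(null, password); // start an empty truststore
        }
        store.setCertificateEntry(alias, cert); // replaces any entry already under this alias

        // Write to a temp file, then swap atomically so readers never see a partial store
        Path tmp = Files.createTempFile(storeFile.getParent(), "truststore", ".tmp");
        try (OutputStream out = Files.newOutputStream(tmp)) { store.store(out, password); }
        Files.move(tmp, storeFile, StandardCopyOption.REPLACE_EXISTING, StandardCopyOption.ATOMIC_MOVE);
    }
}
```

The application can be pointed at the resulting file with `-Djavax.net.ssl.trustStore` and `-Djavax.net.ssl.trustStorePassword`; doing so replaces the default trust anchors for that JVM, so only certificates in this store are trusted. Restrict write access to the truststore file and to whatever supplies the expected fingerprint, since either one controls what the JVM will trust.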