Hi,
Based on my understanding , on a server core, not only the CA ,there is no GUI for other roles either.
To renew the CA certificate, we need to use the command :
Command:Certutil -renewCert ReuseKeys renews the CA with the existing key pair
Command:Certutil -renewCert renews the CA with a new key pair
More information for your reference:
https://learn.microsoft.com/en-us/windows/win32/seccrypto/certification-authority-renewal
https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/cc732443(v=ws.11)?redirectedfrom=MSDN
Best Regards,