no public CA will issue a certificate for private IP, it's forbidden by CA/B baseline requirement
a domain name pointed to private ip is different story though
You have a hole in your life that can only be filled by DNS. You will need to access your server using https://proxmox.example.net:8006 if you want to use a publicly trusted Let's Encrypt certificate. You will also need to use a DNS-01 challenge and possibly split-horizon DNS. Explain how to do ost of that is beyond the scope of the Let's Encrypt Community.
I wouldn't wish a freenom domain on an enemy. There are simply too many drawbacks associated with that outfit. Any inexpensive domain from a reputable registrar is preferable and likely will make up the fee by being less encumbered.
"You can pay a few dollars to take the bus down, but you could also jump over the edge and tumble down into the ravine and maybe or maybe not break some bones."
Sorry, not my specialty But we're getting off topic
OP needs a domain before getting a cert from Let's Encrypt and Freenom offers free domain names for a number of TLDs, but seems to be non-functional for me at the moment, so there's that.
that's right, I read it. however, I have a different situation. my white ip belongs to the router, my proxmox has the address 192.168.0.107, and I use port forwarding for access from the outside. and so I can't setup a secure connection with standard proxmox means so I want to use nginx and certbot
I have no idea what a "white ip" is, nor why you think any of the rest of this affects the ability to get the cert using Proxmox itself. If you're just forwarding ports to the PVE installation, forward port 80 as well and use the standalone authenticator--no need for nginx or certbot at all.
But if you've decided you want to use nginx for some reason, I'm sure the nginx docs explain how to configure it to use the cert you say you've already obtained.
my server has a local ip address of 192.168...
the white ip is a global ip address from the provider, which I can use from the outside. in order to contact my server from the outside, I use port forwarding, because the white ip address belongs to the router