I’m not sure, if I got your question correctly. But first of all, we need to clarify, if the wiki is hosted as a sub-directory of a top level domain, such as:
example.com/wiki
or if the wiki is hosted with a sub-domain:
wiki.example.com
If the first one:
This will be more difficult. The DNS record for example.com would point to the server of your customer, where the other services are hosted, too (like example.com/blog). This server would need to be configured to forward the requests to the external hosting service. It depends on the webserver how this can be configured and what would be the best approach.
For your TLS question, it would most likely be the following setup in this case: The webserver of your customer (behind example.com) would terminate the TLS connection, which means it will decrypt the data sent on the connection and handles it accordingly. The private key of the used certificate would only be saved on the server of your customer. The server then would forward the data to the external hosting service. You should then clarify, what “external” means in this case: Will the traffic be routed internally in your data center (means: Can you ensure, that the data can never ever be transmitted or sniffed from the outside?). If so, it would maybe be ok to transmit the data in clear text without any encryption.
However, if external means, that the server hosting the MediaWiki instance, is hosted in some other data center (which means the data is transferred using an external network, like the internet), you need to think about encrypting the data again. That would mean, that the server of your customer would need to open an encrypted connection with the wiki-hosting server to forward the request. The wiki-hosting server would then need their own TLS certificate for that. For your second question with the load of the server: That would mean, that the server of your customer would first decrypt the data from the user-facing connection to forward it to the backend wiki-hosting server, which includes encrypting the data again. This can, depending on the load of the server and the number of requests, be more expensive.
If the second one:
That would make things a bit easier: You could create a new DNS record for the subdomain wiki.example.com pointing to the IP address of the external wiki-hosting server. The request would then go directly from the users client to the wiki-hosting server. There would be no need for the current server of your customer to proxy anything or doing something similar. Also: The external wiki-hosting server then would decrypt/terminate the TLS connection. This, on the other hand, may create a separate problem: Depending on the certificate used for the domain example.com, you probably would need to share the private key of that certificate to be able to use it for the wiki.example.com domain (if it’s a wildcard certificate). If you need to do that, you should definitly think about if you trust the external hosting server and operator enough to give them such ciritical information. If you can’t trust them so much (they would be able to decrypt any encrypted data transferred between the server and customer, which used this private key), then you would need to create a separate certificate for wiki.example.com and use it on the wiki-hosting server, only.
I hope this answers the question, if not, please provice some more details what you want to achieve and where the problsm are. Also: This doesn’t seem to be a real MediaWIki related question, as MediaWiki doesn’t really care about such things, as these are handled by the webserver 