TLS termination and passthrough are mutually exclusive, once you have terminated TLS you can turn back in time and pass the TLS session through instead.
If you want to take any decisions based on the URL, you have to terminate TLS first, because otherwise you cannot see the URL. This excludes any TLS passthrough.
I suggest you elaborate your use-case, maybe I just misunderstood your requirement?